Essential Components of a Zero Trust
The key components of an effective “zero trust” architecture include multifactor authentication, network segmentation, and a defense-in-depth approach, says Dr. Erdal Ozkaya, regional CISO and managing director at Standard Chartered Bank. You can watch the view interview with we did with Information Security Media Group:
Video Training : Essential Components of a ‘Zero Trust’ Architecture
“In a zero trust model, identity and micro-segmentation play a key role in enhancing existing network security by shrinking the trusted network to each server’s IP address to enable … authorization of the users,” Ozkaya says.
In this video interview with Information Security Media Group, Ozkaya emphasizes the importance of having the right security cloud partner who can apply multiple layers of authentication and access control mechanisms. He also offers insights on:
- How an identity-centric approach works in a ‘zero trust’ environment;
- Improving access control mechanisms;
- Building a business case for a ‘zero trust’ approach.
As regional CISO at Standard Chartered Bank, Ozkaya oversees all assurance activities related to the availability, integrity, and confidentiality of customer, business partner, employee and business information in compliance with the organization’s information security policies. He has co-authored several cybersecurity books as well as security certification courses and exams for different vendors. He is the recipient of several awards including, Global Future Security Leader, Super Hero CISO (2020) Cyber Security Professional of the year MEA, Hall of Fame by CISO Magazine, Cybersecurity Influencer of the year (2019), Microsoft Circle of Excellence Platinum Club (2017), NATO Center of Excellence (2016).
For more evets :
Zero Trust is a security concept centered on the fact that organizations should not automatically trust anything outside and inside its perimeters and instead must verify everything trying to connect to its systems prior to granting access. This extra layer of protection has been established to prevent data breaches.
Businesses are presently functioning more differently than they did just a few years ago. We find that devices, employees, and also applications are no longer locked inside the corporate perimeter. They are all on the web and hence a unique approach is needed to provide security for a whole new type of anywhere, anytime workers and cloud-based applications. Organizations are now moving away from solutions that secure the perimeter and are instead going towards employing a zero trust model in order to protect sensitive data and resources.
Zero Trust Definition
A zero trust security solution constantly evaluates trust every time a device or user requests access to a resource. This method prevents attackers from exploiting vulnerabilities in the perimeter to gain entry and then access confidential data and applications.