/
Cyber Resilience

Our Favorite Zero Trust Stories from August 2023

We’re back with another Zero Trust news roundup!  

Zero Trust continues to be top of mind for security practitioners and business leaders alike. It was a major focal point at this year’s Black Hat USA conference. And elsewhere, as more federal cybersecurity regulations and frameworks (like the White House’s National Cybersecurity Strategy Implementation Plan) are rolled out and updated, Zero Trust tenets – assume breach and least privilege – remain top of mind.

Here are a few of the Zero Trust stories and perspectives that stood out to us this month.

Tech advocacy groups want a Zero Trust framework to protect the public from AI (CyberScoop, Tonya Riley)

Tonya Riley from CyberScoop

With AI interest and adoption on the rise, a group of public interest tech groups has pushed back against “an increasingly self-regulatory approach” for artificial intelligence. Instead, they’re calling for a “Zero Trust approach to AI governance.” The group believes that there needs to be firmer regulation and oversight of AI as the technology continues to take shape in the market.  

CyberScoop’s Tonya Riley explains, “The [proposed] framework is just the latest push by civil society to get the White House to take a firmer approach to AI regulation as the administration works on an anticipated AI executive order.”  

More on the highly awaited AI executive order can be found here.  

AI was also a core theme at this year’s Black Hat and DEF CON events – the latter of which hosted a dedicated “AI Village” where thousands of ethical hackers participated in various red-teaming exercises aimed at discovering vulnerabilities in the latest AI models.  

You can read more about Illumio’s key takeaways from Black Hat 2023 in this blog post.  

Designing for safety: 10 cybersecurity priorities for a Zero Trust data center (VentureBeat, Louis Columbus)

Louis Columbus from VentureBeat

According to new research, VentureBeat’s Louis Columbus explains that the most vulnerable threat vectors for data centers “include customer support, customer service, and ticket management support portals running on data center servers.”  

If a breach is not quickly discovered or remediated, attackers can steal thousands (even millions) of confidential customer records and steal a company’s most valuable business information.

The key to building cyber resilience in the data center, Louis explains, is to start with Zero Trust: Or “the belief that the data center has already been breached, and further damage must be contained and stopped immediately.”

He goes on to share that “attackers are continuously fine-tuning their craft to find and exploit gaps in data center security architectures and tech stacks. These gaps often appear when long-standing on-premise security platforms are extended to the cloud without the correct configurations, leaving the systems vulnerable to breach.”

For organizations looking to fortify their security posture with a robust Zero Trust architecture, Louis shares that NIST recommends prioritizing microsegmentation, also called Zero Trust Segmentation, from vendors like Illumio, alongside other identity-based governance, authentication, and network and endpoint security management solutions.  

See why 60% of enterprises working toward Zero Trust will use more than one form of microsegmentation by 2026, according to Gartner research.  

A better definition of Zero Trust (LinkedIn, Don Yeske)

Don Yeske, Director of National Security, Department of Homeland Security

I really enjoyed this LinkedIn article from the Director of National Security, Department of Homeland Security (DHS). In it, he calls for a more consistent, accessible definition of Zero Trust – one that leaders of all departments and sizes can appreciate and translate into action.  

He argues that Zero Trust mandates aren’t just a rallying cry for cybersecurity practitioners but an imperative for all business and organizational leaders today.  

He explains, “Success depends on a shared vision that everyone will not only understand, but endorse, and for which everyone is willing to work and sacrifice. Zero trust will compete with other transformations, in terms of time, money, and attention. It will not be cybersecurity professionals who ultimately determine the outcome of this multi-year transformation. It will be leaders across all disciplines, at all levels, in all organizations, who must pull together for this common purpose.”

In short, he proposes this as a new tagline for Zero Trust: “Zero trust is a shift in our approach to cybersecurity: From network-centric security to data centric security.”

For more federal Zero Trust insights, check out this episode of Illumio’s The Segment: A Zero Trust Leadership Podcast.  

That’s all for this month. We’ll be back with more Zero Trust stories soon!

Related topics

No items found.

Related articles

Refocus on Cyber Resilience: 3 Best Practices for Improving Your Cyber Resilience
Cyber Resilience

Refocus on Cyber Resilience: 3 Best Practices for Improving Your Cyber Resilience

Learn how cyber resilience can help in the unfortunate situation that an active breach is detected on your network.

Assume Breach: Best Practices in Cyber Resilience
Cyber Resilience

Assume Breach: Best Practices in Cyber Resilience

To assume breach means taking on an adversary mindset. Here’s what that means for how you think about security investments in people, processes, and technology.

A Manufacturing CISO’s 4 Tips on Proactive Breach Containment with Illumio
Cyber Resilience

A Manufacturing CISO’s 4 Tips on Proactive Breach Containment with Illumio

Learn manufacturing CISO Jamie Rossato's tips for organizations looking to proactively secure against breaches with Illumio ZTS.

Why AI Has a Communication Problem
Cyber Resilience

Why AI Has a Communication Problem

Get insight into why AI-related technology is struggling with "cross-silo" communication.

3 Highlights From Illumio at Black Hat 2023
Zero Trust Segmentation

3 Highlights From Illumio at Black Hat 2023

Get key takeaways from this year's Black Hat conference, including pictures and videos from the event.

4 Key Insights From the 2023 Gartner® Market Guide for Microsegmentation
Zero Trust Segmentation

4 Key Insights From the 2023 Gartner® Market Guide for Microsegmentation

Get insights from the Gartner Market Guide on implementing microsegmentation, also called Zero Trust Segmentation (ZTS), to secure hybrid environments, stop lateral movement, and build Zero Trust.

Assume Breach.
Minimize Impact.
Increase Resilience.

Ready to learn more about Zero Trust Segmentation?