/
Cyber Resilience

Our Favorite Zero Trust Stories from February 2024

As we roll into the new year, it’s clear that Zero Trust remains just as topical and timely as it did in 2023.  

Particularly for organizations in healthcare, education, and for federal agencies looking to make good on upcoming Zero Trust deadlines, actioning on Zero Trust plans will be mission critical for business continuity, compliance, and operational resilience in the year ahead – especially as ransomware attacks continue unabated.

For organizations looking to make progress on their Zero Trust initiatives, here are a few of the datapoints, Q&As, and stories that we found most insightful and inspiring this month.

Getting zero-trust initiatives off the ground (SC Magazine, Daniel Thomas)

Looking to get your Zero Trust initiatives or investments off the ground in 2024? SC Magazine reporter Daniel Thomas unpacks key findings from a new Zero Trust survey by CyberRisk Alliance.

Daniel Thomas for SC Magazine

Among other things, the report underscores what “Zero Trust front-runners" get right in adopting and embracing Zero Trust, and what others can learn to maximize their own Zero Trust ROI. A couple of the report’s key recommendations:  

  • Start small to see real progress: “Zero-trust front runners start small to gauge reactions, measure performance, and collect feedback to inform more ambitious efforts down the line.”
  • Keep end users in the loop: “Front-runners acknowledged that users are more amenable to zero-trust enforcement when they’re provided insight into why it’s the right step forward.”
  • Get leadership on board for maximum business buy-in: “The cost of implementing zero trust is the cost of protecting the institution from data breaches, which can result in millions of dollars lost, damage to public reputation, and severing of relationships with customers and clients,” Thomas writes. “CISOs can shore up support from other leaders by illustrating why zero trust is much more economical and risk-conscious than alternative security approaches.”

Q&A: DOD’s Principal Deputy CIO Outlines Progress Toward Zero Trust (FedTech, Elizabeth Neus)

As U.S. federal agencies look to action on Zero Trust plans in 2024 – particularly for civilian agencies who are up against a September 2024 OMB compliance deadline – it's always helpful to hear how leaders are approaching Zero Trust and resilience strategies in real time.  

FedTech reporter Elizabeth Neus sat down with the Department of Defense (DOD)’s Principal Deputy CIO Leslie Beavers to unpack how the DOD’s thinking about its Zero Trust roadmap in the years ahead. The two discussed challenges along the way (including optimizing budgets and a mixed bag of modern and legacy technologies), and why “the journey starts with getting back to basics.”  

Though most imminently: “We’re focusing on the required compliance capability at its highest level — tag the people, tag the data and audit,” explained Beavers. “We’re well on our way. We’re not aiming to get rid of the perimeter defense. That, of course, is still part of a network. We want to increase our awareness of what’s happening on the network to improve our ability to secure the information within our networks.”

It’s a crucial callout and an important proof point for how tools like Zero Trust Segmentation can help public and private organizations spot and mitigate risk while enhancing existing perimeter defenses. To learn more about how firewalls and perimeter defenses are more effective with Illumio, check out this blog. And for more information on Illumio Government Cloud, visit our federal resource page.  

Las Vegas Gears Up for Super Bowl Cyber Challenge (Wall Street Journal, James Rundle)

James Rundle for Wall Street Journal

Lastly, while this piece doesn't include Zero Trust by name, it’s a good representation of how proactivity, preparedness, and cross-team collaboration can help organizations better tackle (and stay ahead of) ransomware concerns.  

WSJ reporter James Rundle writes, “Securing any major sporting event can be a nightmare. Almost every aspect of a game day, including ticketing, on-site sales, operating scoreboards, interactive fan experiences and gaming involve some form of internet access, meaning it can all potentially be attacked.”

And the city of Las Vegas’ CISO Mike Sherwood notes that it takes months of preparation prior to ensure operational resilience come gameday.  

“It doesn’t just start with the day of the event. It’s months ahead prior, doing lots of different types of scenario testing, and training and role-playing exercises,” Sherwood says. “And it won’t end when the Super Bowl ends.”

As our world grows increasingly hyperconnected and we see new threats continually evolve and emerge, cross-team collaboration and buy-in to cybersecurity proactivity and models like Zero Trust will be even more essential. They’ll ensure that, from kickoff to the end of the fourth quarter, the focus is on the players and the game – and not the digital adversaries.  

That’s all for this month. We’ll be back with more Zero Trust stories soon!

Related topics

No items found.

Related articles

Banning Ransom Payments, Zero Trust for Microsoft Azure Firewall, and Recent UK Breaches
Cyber Resilience

Banning Ransom Payments, Zero Trust for Microsoft Azure Firewall, and Recent UK Breaches

Get a summary of Illumio's news coverage for August 2023.

3 Cybersecurity Predictions for 2020
Cyber Resilience

3 Cybersecurity Predictions for 2020

Insights regarding the convergence of physical infiltration with cyberattacks and what that means for cybersecurity.

How To Implement Zero Trust
Cyber Resilience

How To Implement Zero Trust

A comprehensive overview of how to implement Zero Trust architecture and employing Zero Trust best practices.

John Kindervag's 3 Zero Trust Truths for Government Agencies
Cyber Resilience

John Kindervag's 3 Zero Trust Truths for Government Agencies

Get insight from John Kindervag on the key Zero Trust truths government agencies need to know as they comply with Zero Trust mandates.

3 Steps CISOs Must Take to Prove Cybersecurity Value
Cyber Resilience

3 Steps CISOs Must Take to Prove Cybersecurity Value

Learn the value-based approach to security that will succeed in the boardroom and protect your organization from evolving cyber threats.

3 Keys to Managing the Legal Fallout From Cyberattacks
Cyber Resilience

3 Keys to Managing the Legal Fallout From Cyberattacks

Learn how to stay prepared for the legal fallout of a breach or ransomware attack.

Assume Breach.
Minimize Impact.
Increase Resilience.

Ready to learn more about Zero Trust Segmentation?