Over the past two years, Siemens has been on a mission to protect a global enterprise through the highest Zero Trust standards, and this journey is far from over.
In this session, program lead Thomas Müller-Lynch share his experiences on the road to Zero Trust readiness of all assets from IT and OT.
This is the story of our journey to Zero Trust, from the initial analysis to its technical and effective implementation. As many organizations our starting point was not the best one (lack of proper asset management, mixed permissions, etc) but when we started to work on a Zero Trust implementation we were able to overcome these and also solve some unforeseen problems and offer major security also through Human Factors and Risk Management. The aim of this talk is to inspire security leaders on what is a Zero Trust Architecture (which is not an off-the-shelf solution and desn't require massive initial investments) and how they can reuse their internal knowledge and tools to deliver it.
Zero trust has been around in one shape or form in security for many years, usually under different names like the "Principle of least privilege" or "Mandatory Access Control''. It exists for a good reason, and needs to be re-enforced. But for any cloud native vendor, Zero Trust should be table stakes at this point. Zero knowledge at the organizational level, and not just Zero knowledge encryption, is the next evolution of security best practices. Join us to learn more.