Zero Trust
Combined Session
Wednesday, June 05, 2024 12:00—13:00
Location: A 05-06
Wednesday, June 05, 2024 12:00—13:00
Location: A 05-06
In today's multi-workload / micro-service environments there are client authentication mechanisms to protect communication between services. This provides consistent server-to-server trust but does not address the protection of a transaction as it traverses through the different workloads. This talk will discuss the recently adopted Transaction Token draft, in the IETF OAuth working group, which defines a mechanism to protect the immutable data of a transaction, protecting it as the completion of the transaction intent is accomplished via multiple backend workloads.
As businesses embrace Digital Transformation and become increasingly cloud-native, mobile, and interconnected, the corporate network perimeter is gradually disappearing, exposing users to malware, ransomware, and other cyber threats. Traditional perimeter security tools no longer provide adequate protection from these threats. Unlike traditional perimeter-based security models that assume trust within the network, Zero Trust Network Access (ZTNA) adopts a more granular and identity-centric approach.
ZTNA is an alternative approach rapidly gaining popularity that essentially replaces the notion of a rigid single, usually hardware-based perimeter of a corporate network with the ability to create multiple dynamic perimeters around individual systems or applications deployed across multiple environments and managed from a centralized control plane. Often expressed as "Never trust, always verify", ZTNA is an embodiment of the principle of least privilege, and at its core mandates that every access request be properly authenticated and authorized.
This session will not only explore the basic principles of ZTNA but will also provide a comprehensive exploration of the ZTNA market segment based on our expert analysis. Attendees can expect an in-depth examination of the relative market share among key players in the ZTNA landscape, identifying the industry leaders and the innovative approaches they employ.
This session delves into the evolving cybersecurity landscape, focusing on the transition from Zero Trust frameworks to Identity Threat Detection and Response (ITDR). A central theme is how ITDR aligns with Zero Trust principles to effectively mitigate risks. Participants will explore key considerations for implementing ITDR, uncovering how it plays a pivotal role in enhancing organizational security.
The session will illuminate potential challenges and pitfalls encountered in global ITDR deployments, providing insights into risk reduction strategies. Additionally, it offers guidance on prioritizing actions and advice on concrete first steps for successful implementation. This is invaluable for security professionals and managers seeking practical, actionable strategies to leverage ITDR in strengthening their organization's defenses within a Zero Trust framework.
Think back to the '90s when computers at work were mostly used by employees. Today, things are different. Everyone and everything—partners, suppliers, and all our devices—are all connected. But surprisingly, our way of protecting who can access what hasn't changed much.
Let's talk about how our world has evolved so much, yet our methods to keep things safe have stayed behind.
This talk dives into why we need a fresh approach—Zero Trust. It's a way to move from just reacting to problems (like firefighters) to actually helping businesses grow. Zero Trust means not blindly trusting anyone or any device and constantly checking to make sure they're safe. It's a game-changer for keeping our information secure and making businesses thrive in our fast-changing digital world.
