SlideShare ist ein Scribd-Unternehmen logo

How Zero Trust Makes the Mission Simple & Secure

S
scoopnewsgroup

Dug Song, VP & GM, Cisco & Co-Founder, Duo Security Zero Trust Security Summit 2020 01.28.2020 International Spy Museum

Regierungs- und gemeinnützige Organisationen
1 von 26
Downloaden Sie, um offline zu lesen
How Zero Trust Makes the Mission Simpler & Secure Dug Song, Duo Security
© 2020 Cisco and/or its affiliates. All rights reserved. 2010 A Decade of Data Breaches Source: https://informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/
CONFIDENTIAL INFORMATION PROPERTY OF DUO SECURITY, INC. 2010
© 2020 Cisco and/or its affiliates. All rights reserved. RSA Breach & Impact 2011
© 2020 Cisco and/or its affiliates. All rights reserved. 2014 If an adversary has the credentials of a user on the network, then they can access data even if it's encrypted, just as the users on the network have to access data, and that did occur in this case. So encryption in this instance would not have protected this data.
© 2020 Cisco and/or its affiliates. All rights reserved. 2015 In the next 30 days we know there is a set of things we can do that will fairly dramatically improve our security profile... liketwo-factor authentication, patching, minimizing the number of system administrators that you have and so on. Tony Scott’s 30-day Cyber Sprint
© 2020 Cisco and/or its affiliates. All rights reserved. Google to Obama: Nation’s Cybersecurity Priorities ✓ Strong Authentication ✓ Up-to-Date Devices ✓ End-to-End Encryption
© 2020 Cisco and/or its affiliates. All rights reserved. ✓ Strong Authentication ✓ Up-to-Date Devices ✓ CDM & Monitoring 2016
© 2020 Cisco and/or its affiliates. All rights reserved. People TechnologySecurity
© 2020 Cisco and/or its affiliates. All rights reserved.
© 2020 Cisco and/or its affiliates. All rights reserved.
© 2020 Cisco and/or its affiliates. All rights reserved. 2013
© 2020 Cisco and/or its affiliates. All rights reserved. 2016
© 2020 Cisco and/or its affiliates. All rights reserved. BeyondCorp (2014) 800-207: Zero Trust Architecture (2019) Zero Trust Architecture (2019) Connecting from a particular network must not determine which services you can access All communication is secure regardless of network location Don’t trust the network, including the local network Access to services is granted based on what we know about you and your device Access to resources is determined by policy, including the observable state of user identity and the requesting system, and may include other behavioral attributes Create a single strong user identity Create a strong device identity Know the health of your devices and services Set policies according to value of the service or data All access to services must be authenticated, authorized, and encrypted All data sources and computing services are considered resources Know your architecture including users, devices, and services Access to individual enterprise resources is granted on a per-connection basis Control access to your services and data Choose services designed for zero trust User authentication is dynamic and strictly enforced before access is allowed Authenticate everywhere The enterprise ensures all owned and associated systems are in the most secure state possible and monitors systems to ensure that they remain in the most secure state possible Focus your monitoring on devices and services
© 2020 Cisco and/or its affiliates. All rights reserved. Securing the enterprise User and device access Application and workload access Network access Workforce Workload Workplace SaaS & Public cloud Access happens everywhere – how do you get visibility and ensure secure, trusted access?
© 2020 Cisco and/or its affiliates. All rights reserved. User and device access Zero Trust for the Workforce What to do: How to do it: Verify users’ identities Multifactor Authentication Gain device visibility and establish trust Endpoint health and management status Enforce access policies for every app Adaptive and role-based access controls
© 2020 Cisco and/or its affiliates. All rights reserved. Application and workload access Zero Trust for the Workload What to do: How to do it: Gain visibility into what’s running and what’s critical Identify workload dependencies Contain breaches and minimize lateral movement Application segmentation Alert or block communication if policy is violated Continuous monitoring & response to indicators of compromise
© 2020 Cisco and/or its affiliates. All rights reserved. Zero Trust for the Workplace Network access What to do: How to do it: Discover and classify users, devices and apps on your network Network authentication, profiling authorization Grant the right level of network access based on user and device context Network segmentation Contain infected endpoints and restrict network access Continuous monitoring and responding to threats
© 2020 Cisco and/or its affiliates. All rights reserved. Workforce Duo Workload Tetration Workplace SD-Access Security ensured today and for the future with Zero Trust
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco is a leader in Zero Trust The Forrester Wave™: Zero Trust eXtended Ecosystem Platform Providers, Q4 2019 Tools And Technology: The Zero Trust Security Playbook October 29, 2019 The Forrester Wave™ is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave are trademarks of Forrester Research, Inc. The Forrester Wave is a graphical representation of Forrester's call on a market and is plotted using a detailed spreadsheet with exposed scores, weightings, and comments. Forrester does not endorse any vendor, product, or service depicted in the Forrester Wave. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change.
How Zero Trust Makes the Mission Simple & Secure

Empfohlen

Debunked: 5 Myths About Zero Trust Security
Debunked: 5 Myths About Zero Trust SecurityDebunked: 5 Myths About Zero Trust Security
Debunked: 5 Myths About Zero Trust Security
Centrify Corporation
 
What is Zero Trust
What is Zero TrustWhat is Zero Trust
What is Zero Trust
Okta-Inc
 
An in depth understanding in the application of the zero-trust security model...
An in depth understanding in the application of the zero-trust security model...An in depth understanding in the application of the zero-trust security model...
An in depth understanding in the application of the zero-trust security model...
Max Justice
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec
 
Moving Beyond Zero Trust
Moving Beyond Zero TrustMoving Beyond Zero Trust
Moving Beyond Zero Trust
scoopnewsgroup
 
Tomorrow Starts Here - Security Everywhere
Tomorrow Starts Here - Security Everywhere Tomorrow Starts Here - Security Everywhere
Tomorrow Starts Here - Security Everywhere
Cisco Canada
 
AWS Security Best Practices in a Zero Trust Security Model - DEM08 - Toronto ...
AWS Security Best Practices in a Zero Trust Security Model - DEM08 - Toronto ...AWS Security Best Practices in a Zero Trust Security Model - DEM08 - Toronto ...
AWS Security Best Practices in a Zero Trust Security Model - DEM08 - Toronto ...
Amazon Web Services
 
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec
 

Empfohlen

Debunked: 5 Myths About Zero Trust Security
Debunked: 5 Myths About Zero Trust SecurityDebunked: 5 Myths About Zero Trust Security
Debunked: 5 Myths About Zero Trust Security
Centrify Corporation
 
What is Zero Trust
What is Zero TrustWhat is Zero Trust
What is Zero Trust
Okta-Inc
 
An in depth understanding in the application of the zero-trust security model...
An in depth understanding in the application of the zero-trust security model...An in depth understanding in the application of the zero-trust security model...
An in depth understanding in the application of the zero-trust security model...
Max Justice
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec
 
Moving Beyond Zero Trust
Moving Beyond Zero TrustMoving Beyond Zero Trust
Moving Beyond Zero Trust
scoopnewsgroup
 
Tomorrow Starts Here - Security Everywhere
Tomorrow Starts Here - Security Everywhere Tomorrow Starts Here - Security Everywhere
Tomorrow Starts Here - Security Everywhere
Cisco Canada
 
AWS Security Best Practices in a Zero Trust Security Model - DEM08 - Toronto ...
AWS Security Best Practices in a Zero Trust Security Model - DEM08 - Toronto ...AWS Security Best Practices in a Zero Trust Security Model - DEM08 - Toronto ...
AWS Security Best Practices in a Zero Trust Security Model - DEM08 - Toronto ...
Amazon Web Services
 
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec
 
Zero trust in a hybrid architecture
Zero trust in a hybrid architectureZero trust in a hybrid architecture
Zero trust in a hybrid architecture
Hybrid IT Europe
 
Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?
Zscaler
 
Introduction to Cloud Security
Introduction to Cloud SecurityIntroduction to Cloud Security
Introduction to Cloud Security
Susanne Tedrick
 
Three ways-zero-trust-security-redefines-partner-access-v8
Three ways-zero-trust-security-redefines-partner-access-v8Three ways-zero-trust-security-redefines-partner-access-v8
Three ways-zero-trust-security-redefines-partner-access-v8
Zscaler
 
The Zero Trust Model of Information Security
The Zero Trust Model of Information Security The Zero Trust Model of Information Security
The Zero Trust Model of Information Security
Tripwire
 
How Zero Trust Changes Identity & Access
How Zero Trust Changes Identity & AccessHow Zero Trust Changes Identity & Access
How Zero Trust Changes Identity & Access
Ivan Dwyer
 
Zero Trust Network Access
Zero Trust Network Access Zero Trust Network Access
Zero Trust Network Access
Er. Ajay Sirsat
 
Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...
Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...
Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...
Enterprise Management Associates
 
Navigating Zero Trust Presentation Slides
Navigating Zero Trust Presentation SlidesNavigating Zero Trust Presentation Slides
Navigating Zero Trust Presentation Slides
Ivanti
 
Overcoming the Challenges of Architecting for the Cloud
Overcoming the Challenges of Architecting for the CloudOvercoming the Challenges of Architecting for the Cloud
Overcoming the Challenges of Architecting for the Cloud
Zscaler
 
What is zero trust model (ztm)
What is zero trust model (ztm)What is zero trust model (ztm)
What is zero trust model (ztm)
Ahmed Banafa
 
The 1st Step to Zero Trust: Asset Management for Cybersecurity
The 1st Step to Zero Trust: Asset Management for CybersecurityThe 1st Step to Zero Trust: Asset Management for Cybersecurity
The 1st Step to Zero Trust: Asset Management for Cybersecurity
nathan-axonius
 
Don't let wireless_detour_your_pci_compliance
Don't let wireless_detour_your_pci_complianceDon't let wireless_detour_your_pci_compliance
Don't let wireless_detour_your_pci_compliance
Enterprise Technology Management (ETM)
 
What Comes After VPN?
What Comes After VPN?What Comes After VPN?
What Comes After VPN?
Zscaler
 
Proteja sus datos en cualquier servicio Cloud y Web de forma unificada
Proteja sus datos en cualquier servicio Cloud y Web de forma unificadaProteja sus datos en cualquier servicio Cloud y Web de forma unificada
Proteja sus datos en cualquier servicio Cloud y Web de forma unificada
Cristian Garcia G.
 
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformadoDesafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Cristian Garcia G.
 
Kent King - PKI: Do You Know Your Exposure?
Kent King - PKI: Do You Know Your Exposure?Kent King - PKI: Do You Know Your Exposure?
Kent King - PKI: Do You Know Your Exposure?
centralohioissa
 
Mobile App Security: Enterprise Checklist
Mobile App Security: Enterprise ChecklistMobile App Security: Enterprise Checklist
Mobile App Security: Enterprise Checklist
Jignesh Solanki
 
Sacon - IoT Forum Fresh Thinking (Arvind Tiwary + Bikash Barai)
Sacon - IoT Forum Fresh Thinking (Arvind Tiwary + Bikash Barai)Sacon - IoT Forum Fresh Thinking (Arvind Tiwary + Bikash Barai)
Sacon - IoT Forum Fresh Thinking (Arvind Tiwary + Bikash Barai)
Priyanka Aash
 
SD-WAN - comSpark 2019
SD-WAN - comSpark 2019SD-WAN - comSpark 2019
SD-WAN - comSpark 2019
Advanced Technology Consulting (ATC)
 
The Network as a Sensor, Cisco and Lancope
The Network as a Sensor, Cisco and LancopeThe Network as a Sensor, Cisco and Lancope
The Network as a Sensor, Cisco and Lancope
Cisco Enterprise Networks
 
Keeping your collaboration safe while working remotely
Keeping your collaboration safe while working remotelyKeeping your collaboration safe while working remotely
Keeping your collaboration safe while working remotely
Cisco Webex
 

Weitere ähnliche Inhalte

Was ist angesagt?

The Zero Trust Model of Information Security
The Zero Trust Model of Information Security The Zero Trust Model of Information Security
The Zero Trust Model of Information Security
Tripwire
 
Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...
Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...
Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...
Enterprise Management Associates
 
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformadoDesafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Cristian Garcia G.
 
Kent King - PKI: Do You Know Your Exposure?
Kent King - PKI: Do You Know Your Exposure?Kent King - PKI: Do You Know Your Exposure?
Kent King - PKI: Do You Know Your Exposure?
centralohioissa
 

Was ist angesagt? (20)

Zero trust in a hybrid architecture
Zero trust in a hybrid architectureZero trust in a hybrid architecture
Zero trust in a hybrid architecture
 
Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?
 
Introduction to Cloud Security
Introduction to Cloud SecurityIntroduction to Cloud Security
Introduction to Cloud Security
 
Three ways-zero-trust-security-redefines-partner-access-v8
Three ways-zero-trust-security-redefines-partner-access-v8Three ways-zero-trust-security-redefines-partner-access-v8
Three ways-zero-trust-security-redefines-partner-access-v8
 
The Zero Trust Model of Information Security
The Zero Trust Model of Information Security The Zero Trust Model of Information Security
The Zero Trust Model of Information Security
 
How Zero Trust Changes Identity & Access
How Zero Trust Changes Identity & AccessHow Zero Trust Changes Identity & Access
How Zero Trust Changes Identity & Access
 
Zero Trust Network Access
Zero Trust Network Access Zero Trust Network Access
Zero Trust Network Access
 
Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...
Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...
Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...
 
Navigating Zero Trust Presentation Slides
Navigating Zero Trust Presentation SlidesNavigating Zero Trust Presentation Slides
Navigating Zero Trust Presentation Slides
 
Overcoming the Challenges of Architecting for the Cloud
Overcoming the Challenges of Architecting for the CloudOvercoming the Challenges of Architecting for the Cloud
Overcoming the Challenges of Architecting for the Cloud
 
What is zero trust model (ztm)
What is zero trust model (ztm)What is zero trust model (ztm)
What is zero trust model (ztm)
 
The 1st Step to Zero Trust: Asset Management for Cybersecurity
The 1st Step to Zero Trust: Asset Management for CybersecurityThe 1st Step to Zero Trust: Asset Management for Cybersecurity
The 1st Step to Zero Trust: Asset Management for Cybersecurity
 
Don't let wireless_detour_your_pci_compliance
Don't let wireless_detour_your_pci_complianceDon't let wireless_detour_your_pci_compliance
Don't let wireless_detour_your_pci_compliance
 
What Comes After VPN?
What Comes After VPN?What Comes After VPN?
What Comes After VPN?
 
Proteja sus datos en cualquier servicio Cloud y Web de forma unificada
Proteja sus datos en cualquier servicio Cloud y Web de forma unificadaProteja sus datos en cualquier servicio Cloud y Web de forma unificada
Proteja sus datos en cualquier servicio Cloud y Web de forma unificada
 
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformadoDesafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
 
Kent King - PKI: Do You Know Your Exposure?
Kent King - PKI: Do You Know Your Exposure?Kent King - PKI: Do You Know Your Exposure?
Kent King - PKI: Do You Know Your Exposure?
 
Mobile App Security: Enterprise Checklist
Mobile App Security: Enterprise ChecklistMobile App Security: Enterprise Checklist
Mobile App Security: Enterprise Checklist
 
Sacon - IoT Forum Fresh Thinking (Arvind Tiwary + Bikash Barai)
Sacon - IoT Forum Fresh Thinking (Arvind Tiwary + Bikash Barai)Sacon - IoT Forum Fresh Thinking (Arvind Tiwary + Bikash Barai)
Sacon - IoT Forum Fresh Thinking (Arvind Tiwary + Bikash Barai)
 
SD-WAN - comSpark 2019
SD-WAN - comSpark 2019SD-WAN - comSpark 2019
SD-WAN - comSpark 2019
 

Ähnlich wie How Zero Trust Makes the Mission Simple & Secure

CIS13: Beyond the Building: Secure Identity Services for Mobile and Cloud Apps
CIS13: Beyond the Building: Secure Identity Services for Mobile and Cloud AppsCIS13: Beyond the Building: Secure Identity Services for Mobile and Cloud Apps
CIS13: Beyond the Building: Secure Identity Services for Mobile and Cloud Apps
CloudIDSummit
 
Cybersecurity Insiders Webinar - Zero Trust: Best Practices for Securing the...
Cybersecurity Insiders Webinar - Zero Trust: Best Practices for Securing the...Cybersecurity Insiders Webinar - Zero Trust: Best Practices for Securing the...
Cybersecurity Insiders Webinar - Zero Trust: Best Practices for Securing the...
Ivanti
 
Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security
Lancope, Inc.
 
Seven Deadly Threats and Vulnerabilities in Cloud Computing
Seven Deadly Threats and Vulnerabilities in Cloud ComputingSeven Deadly Threats and Vulnerabilities in Cloud Computing
Seven Deadly Threats and Vulnerabilities in Cloud Computing
Mervat Bamiah
 
TECHNOLOGY 101 AND THE PRACTICE OF LAW: KEEPING YOUR FIRM SAFE
TECHNOLOGY 101 AND THE PRACTICE OF LAW: KEEPING YOUR FIRM SAFETECHNOLOGY 101 AND THE PRACTICE OF LAW: KEEPING YOUR FIRM SAFE
TECHNOLOGY 101 AND THE PRACTICE OF LAW: KEEPING YOUR FIRM SAFE
James Wier
 

Ähnlich wie How Zero Trust Makes the Mission Simple & Secure (20)

The Network as a Sensor, Cisco and Lancope
The Network as a Sensor, Cisco and LancopeThe Network as a Sensor, Cisco and Lancope
The Network as a Sensor, Cisco and Lancope
 
Keeping your collaboration safe while working remotely
Keeping your collaboration safe while working remotelyKeeping your collaboration safe while working remotely
Keeping your collaboration safe while working remotely
 
CIS14: Network-Aware IAM
CIS14: Network-Aware IAMCIS14: Network-Aware IAM
CIS14: Network-Aware IAM
 
BYOD Transforming the Enterprise
BYOD Transforming the EnterpriseBYOD Transforming the Enterprise
BYOD Transforming the Enterprise
 
CIS14: Are the Enterprises Ready for Identity of Everything?
CIS14: Are the Enterprises Ready for Identity of Everything?CIS14: Are the Enterprises Ready for Identity of Everything?
CIS14: Are the Enterprises Ready for Identity of Everything?
 
Zero trust deck 2020
Zero trust deck 2020Zero trust deck 2020
Zero trust deck 2020
 
MILCOM 2013 Keynote Presentation: Larry Payne
MILCOM 2013 Keynote Presentation: Larry Payne MILCOM 2013 Keynote Presentation: Larry Payne
MILCOM 2013 Keynote Presentation: Larry Payne
 
Dr K Subramanian
Dr K SubramanianDr K Subramanian
Dr K Subramanian
 
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORKZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
 
The 15 best cloud security practices
The 15 best cloud security practices The 15 best cloud security practices
The 15 best cloud security practices
 
CIS13: Beyond the Building: Secure Identity Services for Mobile and Cloud Apps
CIS13: Beyond the Building: Secure Identity Services for Mobile and Cloud AppsCIS13: Beyond the Building: Secure Identity Services for Mobile and Cloud Apps
CIS13: Beyond the Building: Secure Identity Services for Mobile and Cloud Apps
 
Cybersecurity Insiders Webinar - Zero Trust: Best Practices for Securing the...
Cybersecurity Insiders Webinar - Zero Trust: Best Practices for Securing the...Cybersecurity Insiders Webinar - Zero Trust: Best Practices for Securing the...
Cybersecurity Insiders Webinar - Zero Trust: Best Practices for Securing the...
 
Manage Risk By Protecting the Apps and Data Infographic
Manage Risk By Protecting the Apps and Data InfographicManage Risk By Protecting the Apps and Data Infographic
Manage Risk By Protecting the Apps and Data Infographic
 
Manage Risk By Protecting the Apps and Data That Drive Business Productivity
Manage Risk By Protecting the Apps and Data That Drive Business ProductivityManage Risk By Protecting the Apps and Data That Drive Business Productivity
Manage Risk By Protecting the Apps and Data That Drive Business Productivity
 
Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security
 
Seven Deadly Threats and Vulnerabilities in Cloud Computing
Seven Deadly Threats and Vulnerabilities in Cloud ComputingSeven Deadly Threats and Vulnerabilities in Cloud Computing
Seven Deadly Threats and Vulnerabilities in Cloud Computing
 
Seven deadly threats and vulnerabilities in cloud
Seven deadly threats and vulnerabilities in cloudSeven deadly threats and vulnerabilities in cloud
Seven deadly threats and vulnerabilities in cloud
 
Advanced Web Security Deployment
Advanced Web Security DeploymentAdvanced Web Security Deployment
Advanced Web Security Deployment
 
TECHNOLOGY 101 AND THE PRACTICE OF LAW: KEEPING YOUR FIRM SAFE
TECHNOLOGY 101 AND THE PRACTICE OF LAW: KEEPING YOUR FIRM SAFETECHNOLOGY 101 AND THE PRACTICE OF LAW: KEEPING YOUR FIRM SAFE
TECHNOLOGY 101 AND THE PRACTICE OF LAW: KEEPING YOUR FIRM SAFE
 
B2 - The History of Content Security: Part 2 - Adam Levithan
B2 - The History of Content Security: Part 2 - Adam LevithanB2 - The History of Content Security: Part 2 - Adam Levithan
B2 - The History of Content Security: Part 2 - Adam Levithan
 

Mehr von scoopnewsgroup

Mehr von scoopnewsgroup (20)

2020: What's on Deck for the PMA
2020: What's on Deck for the PMA2020: What's on Deck for the PMA
2020: What's on Deck for the PMA
 
Modernization Requires Choice
Modernization Requires ChoiceModernization Requires Choice
Modernization Requires Choice
 
Smarter Access is the Bridge to Security Modernization
Smarter Access is the Bridge to Security ModernizationSmarter Access is the Bridge to Security Modernization
Smarter Access is the Bridge to Security Modernization
 
Building a Zero Trust Architecture
Building a Zero Trust ArchitectureBuilding a Zero Trust Architecture
Building a Zero Trust Architecture
 
History of Data-Centric Transformation
History of Data-Centric TransformationHistory of Data-Centric Transformation
History of Data-Centric Transformation
 
IC Fireside Chat
IC Fireside ChatIC Fireside Chat
IC Fireside Chat
 
The Edge to AI
The Edge to AIThe Edge to AI
The Edge to AI
 
Data Strategy – What Does an Enterprise Data Cloud Mean for Your Agency?
Data Strategy – What Does an Enterprise Data Cloud Mean for Your Agency?Data Strategy – What Does an Enterprise Data Cloud Mean for Your Agency?
Data Strategy – What Does an Enterprise Data Cloud Mean for Your Agency?
 
Devil's Bargain: Sacrificing Strategic Investments to Fund Today's Problems
Devil's Bargain: Sacrificing Strategic Investments to Fund Today's ProblemsDevil's Bargain: Sacrificing Strategic Investments to Fund Today's Problems
Devil's Bargain: Sacrificing Strategic Investments to Fund Today's Problems
 
Keeping the Workforce of the Future Empowered, Engaged & Happy
Keeping the Workforce of the Future Empowered, Engaged & HappyKeeping the Workforce of the Future Empowered, Engaged & Happy
Keeping the Workforce of the Future Empowered, Engaged & Happy
 
Opening Remarks
Opening RemarksOpening Remarks
Opening Remarks
 
It All Starts with Linux
It All Starts with LinuxIt All Starts with Linux
It All Starts with Linux
 
Leadership in the Digital Age
Leadership in the Digital AgeLeadership in the Digital Age
Leadership in the Digital Age
 
Digital Transformation for Government
Digital Transformation for GovernmentDigital Transformation for Government
Digital Transformation for Government
 
DevSecOps: The DoD Software Factory
DevSecOps: The DoD Software FactoryDevSecOps: The DoD Software Factory
DevSecOps: The DoD Software Factory
 
Enhancing your Cyber Skills through a Cyber Range
Enhancing your Cyber Skills through a Cyber RangeEnhancing your Cyber Skills through a Cyber Range
Enhancing your Cyber Skills through a Cyber Range
 
Lessons Learned from Fire Escapes for Cybersecurity
Lessons Learned from Fire Escapes for CybersecurityLessons Learned from Fire Escapes for Cybersecurity
Lessons Learned from Fire Escapes for Cybersecurity
 
2019 FedScoop Public Sector innovation Summit
2019 FedScoop Public Sector innovation Summit2019 FedScoop Public Sector innovation Summit
2019 FedScoop Public Sector innovation Summit
 
FedScoop Public Sector Innovation Summit DOD Enterprise DevSecOps Initiative ...
FedScoop Public Sector Innovation Summit DOD Enterprise DevSecOps Initiative ...FedScoop Public Sector Innovation Summit DOD Enterprise DevSecOps Initiative ...
FedScoop Public Sector Innovation Summit DOD Enterprise DevSecOps Initiative ...
 
FedScoop Public Sector Innovation Summit Peter Wallace, CIO, Virginia Beach- ...
FedScoop Public Sector Innovation Summit Peter Wallace, CIO, Virginia Beach- ...FedScoop Public Sector Innovation Summit Peter Wallace, CIO, Virginia Beach- ...
FedScoop Public Sector Innovation Summit Peter Wallace, CIO, Virginia Beach- ...
 

Kürzlich hochgeladen

Unique Value Prop slide deck________.pdf
Unique Value Prop slide deck________.pdfUnique Value Prop slide deck________.pdf
Unique Value Prop slide deck________.pdf
ScottMeyers35
 
Call Girls in Moti Bagh (delhi) call me [8448380779] escort service 24X7
Call Girls in Moti Bagh (delhi) call me [8448380779] escort service 24X7Call Girls in Moti Bagh (delhi) call me [8448380779] escort service 24X7
Call Girls in Moti Bagh (delhi) call me [8448380779] escort service 24X7
Delhi Call girls
 
Dating Call Girls inBaloda Bazar Bhatapara 9332606886Call Girls Advance Cash...
Dating Call Girls inBaloda Bazar Bhatapara 9332606886Call Girls Advance Cash...Dating Call Girls inBaloda Bazar Bhatapara 9332606886Call Girls Advance Cash...
Dating Call Girls inBaloda Bazar Bhatapara 9332606886Call Girls Advance Cash...
kumargunjan9515
 
Cara Gugurkan Pembuahan Secara Alami Dan Cepat ABORSI KANDUNGAN 087776558899
Cara Gugurkan Pembuahan Secara Alami Dan Cepat ABORSI KANDUNGAN 087776558899Cara Gugurkan Pembuahan Secara Alami Dan Cepat ABORSI KANDUNGAN 087776558899
Cara Gugurkan Pembuahan Secara Alami Dan Cepat ABORSI KANDUNGAN 087776558899
Cara Menggugurkan Kandungan 087776558899
 

Kürzlich hochgeladen (20)

Scaling up coastal adaptation in Maldives through the NAP process
Scaling up coastal adaptation in Maldives through the NAP processScaling up coastal adaptation in Maldives through the NAP process
Scaling up coastal adaptation in Maldives through the NAP process
 
31st World Press Freedom Day Conference in Santiago.
31st World Press Freedom Day Conference in Santiago.31st World Press Freedom Day Conference in Santiago.
31st World Press Freedom Day Conference in Santiago.
 
Finance strategies for adaptation. Presentation for CANCC
Finance strategies for adaptation. Presentation for CANCCFinance strategies for adaptation. Presentation for CANCC
Finance strategies for adaptation. Presentation for CANCC
 
unang digmaang pandaigdig tagalog version
unang digmaang pandaigdig tagalog versionunang digmaang pandaigdig tagalog version
unang digmaang pandaigdig tagalog version
 
Election 2024 Presiding Duty Keypoints_01.pdf
Election 2024 Presiding Duty Keypoints_01.pdfElection 2024 Presiding Duty Keypoints_01.pdf
Election 2024 Presiding Duty Keypoints_01.pdf
 
Cheap Call Girls In Hyderabad Phone No 📞 9352988975 📞 Elite Escort Service Av...
Cheap Call Girls In Hyderabad Phone No 📞 9352988975 📞 Elite Escort Service Av...Cheap Call Girls In Hyderabad Phone No 📞 9352988975 📞 Elite Escort Service Av...
Cheap Call Girls In Hyderabad Phone No 📞 9352988975 📞 Elite Escort Service Av...
 
Contributi dei parlamentari del PD - Contributi L. 3/2019
Contributi dei parlamentari del PD - Contributi L. 3/2019Contributi dei parlamentari del PD - Contributi L. 3/2019
Contributi dei parlamentari del PD - Contributi L. 3/2019
 
Unique Value Prop slide deck________.pdf
Unique Value Prop slide deck________.pdfUnique Value Prop slide deck________.pdf
Unique Value Prop slide deck________.pdf
 
Call Girls in Moti Bagh (delhi) call me [8448380779] escort service 24X7
Call Girls in Moti Bagh (delhi) call me [8448380779] escort service 24X7Call Girls in Moti Bagh (delhi) call me [8448380779] escort service 24X7
Call Girls in Moti Bagh (delhi) call me [8448380779] escort service 24X7
 
Sustainability by Design: Assessment Tool for Just Energy Transition Plans
Sustainability by Design: Assessment Tool for Just Energy Transition PlansSustainability by Design: Assessment Tool for Just Energy Transition Plans
Sustainability by Design: Assessment Tool for Just Energy Transition Plans
 
An Atoll Futures Research Institute? Presentation for CANCC
An Atoll Futures Research Institute? Presentation for CANCCAn Atoll Futures Research Institute? Presentation for CANCC
An Atoll Futures Research Institute? Presentation for CANCC
 
Time, Stress & Work Life Balance for Clerks with Beckie Whitehouse
Time, Stress & Work Life Balance for Clerks with Beckie WhitehouseTime, Stress & Work Life Balance for Clerks with Beckie Whitehouse
Time, Stress & Work Life Balance for Clerks with Beckie Whitehouse
 
tOld settlement register shouldnotaffect BTR
tOld settlement register shouldnotaffect BTRtOld settlement register shouldnotaffect BTR
tOld settlement register shouldnotaffect BTR
 
Honasa Consumer Limited Impact Report 2024.pdf
Honasa Consumer Limited Impact Report 2024.pdfHonasa Consumer Limited Impact Report 2024.pdf
Honasa Consumer Limited Impact Report 2024.pdf
 
Tuvalu Coastal Adaptation Project (TCAP)
Tuvalu Coastal Adaptation Project (TCAP)Tuvalu Coastal Adaptation Project (TCAP)
Tuvalu Coastal Adaptation Project (TCAP)
 
Dating Call Girls inBaloda Bazar Bhatapara 9332606886Call Girls Advance Cash...
Dating Call Girls inBaloda Bazar Bhatapara 9332606886Call Girls Advance Cash...Dating Call Girls inBaloda Bazar Bhatapara 9332606886Call Girls Advance Cash...
Dating Call Girls inBaloda Bazar Bhatapara 9332606886Call Girls Advance Cash...
 
2024 UNESCO/Guillermo Cano World Press Freedom Prize
2024 UNESCO/Guillermo Cano World Press Freedom Prize2024 UNESCO/Guillermo Cano World Press Freedom Prize
2024 UNESCO/Guillermo Cano World Press Freedom Prize
 
74th Amendment of India PPT by Piyush(IC).pptx
74th Amendment of India PPT by Piyush(IC).pptx74th Amendment of India PPT by Piyush(IC).pptx
74th Amendment of India PPT by Piyush(IC).pptx
 
Cara Gugurkan Pembuahan Secara Alami Dan Cepat ABORSI KANDUNGAN 087776558899
Cara Gugurkan Pembuahan Secara Alami Dan Cepat ABORSI KANDUNGAN 087776558899Cara Gugurkan Pembuahan Secara Alami Dan Cepat ABORSI KANDUNGAN 087776558899
Cara Gugurkan Pembuahan Secara Alami Dan Cepat ABORSI KANDUNGAN 087776558899
 
Panchayath circular KLC -Panchayath raj act s 169, 218
Panchayath circular KLC -Panchayath raj act s 169, 218Panchayath circular KLC -Panchayath raj act s 169, 218
Panchayath circular KLC -Panchayath raj act s 169, 218
 

How Zero Trust Makes the Mission Simple & Secure

  • 1.
  • 2. How Zero Trust Makes the Mission Simpler & Secure Dug Song, Duo Security
  • 3. © 2020 Cisco and/or its affiliates. All rights reserved. 2010 A Decade of Data Breaches Source: https://informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/
  • 4. CONFIDENTIAL INFORMATION PROPERTY OF DUO SECURITY, INC. 2010
  • 5. © 2020 Cisco and/or its affiliates. All rights reserved. RSA Breach & Impact 2011
  • 6. © 2020 Cisco and/or its affiliates. All rights reserved. 2014 If an adversary has the credentials of a user on the network, then they can access data even if it's encrypted, just as the users on the network have to access data, and that did occur in this case. So encryption in this instance would not have protected this data.
  • 7. © 2020 Cisco and/or its affiliates. All rights reserved. 2015 In the next 30 days we know there is a set of things we can do that will fairly dramatically improve our security profile... liketwo-factor authentication, patching, minimizing the number of system administrators that you have and so on. Tony Scott’s 30-day Cyber Sprint
  • 8. © 2020 Cisco and/or its affiliates. All rights reserved. Google to Obama: Nation’s Cybersecurity Priorities ✓ Strong Authentication ✓ Up-to-Date Devices ✓ End-to-End Encryption
  • 9. © 2020 Cisco and/or its affiliates. All rights reserved. ✓ Strong Authentication ✓ Up-to-Date Devices ✓ CDM & Monitoring 2016
  • 10.
  • 11.
  • 12.
  • 13. © 2020 Cisco and/or its affiliates. All rights reserved. People TechnologySecurity
  • 14.
  • 15. © 2020 Cisco and/or its affiliates. All rights reserved.
  • 16. © 2020 Cisco and/or its affiliates. All rights reserved.
  • 17. © 2020 Cisco and/or its affiliates. All rights reserved. 2013
  • 18. © 2020 Cisco and/or its affiliates. All rights reserved. 2016
  • 19. © 2020 Cisco and/or its affiliates. All rights reserved. BeyondCorp (2014) 800-207: Zero Trust Architecture (2019) Zero Trust Architecture (2019) Connecting from a particular network must not determine which services you can access All communication is secure regardless of network location Don’t trust the network, including the local network Access to services is granted based on what we know about you and your device Access to resources is determined by policy, including the observable state of user identity and the requesting system, and may include other behavioral attributes Create a single strong user identity Create a strong device identity Know the health of your devices and services Set policies according to value of the service or data All access to services must be authenticated, authorized, and encrypted All data sources and computing services are considered resources Know your architecture including users, devices, and services Access to individual enterprise resources is granted on a per-connection basis Control access to your services and data Choose services designed for zero trust User authentication is dynamic and strictly enforced before access is allowed Authenticate everywhere The enterprise ensures all owned and associated systems are in the most secure state possible and monitors systems to ensure that they remain in the most secure state possible Focus your monitoring on devices and services
  • 20. © 2020 Cisco and/or its affiliates. All rights reserved. Securing the enterprise User and device access Application and workload access Network access Workforce Workload Workplace SaaS & Public cloud Access happens everywhere – how do you get visibility and ensure secure, trusted access?
  • 21. © 2020 Cisco and/or its affiliates. All rights reserved. User and device access Zero Trust for the Workforce What to do: How to do it: Verify users’ identities Multifactor Authentication Gain device visibility and establish trust Endpoint health and management status Enforce access policies for every app Adaptive and role-based access controls
  • 22. © 2020 Cisco and/or its affiliates. All rights reserved. Application and workload access Zero Trust for the Workload What to do: How to do it: Gain visibility into what’s running and what’s critical Identify workload dependencies Contain breaches and minimize lateral movement Application segmentation Alert or block communication if policy is violated Continuous monitoring & response to indicators of compromise
  • 23. © 2020 Cisco and/or its affiliates. All rights reserved. Zero Trust for the Workplace Network access What to do: How to do it: Discover and classify users, devices and apps on your network Network authentication, profiling authorization Grant the right level of network access based on user and device context Network segmentation Contain infected endpoints and restrict network access Continuous monitoring and responding to threats
  • 24. © 2020 Cisco and/or its affiliates. All rights reserved. Workforce Duo Workload Tetration Workplace SD-Access Security ensured today and for the future with Zero Trust
  • 25. © 2020 Cisco and/or its affiliates. All rights reserved. Cisco is a leader in Zero Trust The Forrester Wave™: Zero Trust eXtended Ecosystem Platform Providers, Q4 2019 Tools And Technology: The Zero Trust Security Playbook October 29, 2019 The Forrester Wave™ is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave are trademarks of Forrester Research, Inc. The Forrester Wave is a graphical representation of Forrester's call on a market and is plotted using a detailed spreadsheet with exposed scores, weightings, and comments. Forrester does not endorse any vendor, product, or service depicted in the Forrester Wave. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change.