Achieving a Highly Successful Zero Trust Architecture

This workshop will present the core elements necessary to achieve a zero trust architecture.  As organizations undertake digital transformation journeys to increase efficiency, improve agility, and achieve a military or competitive advantage, security practitioners must keep pace. Zero trust breaks organizations free of the current paradigm of “castle and moat” security. We will challenge the current security paradigm that relies on moving users and data within a protective “castle” while protecting those users and data through a stack of security appliances known as the “moat”. We will discuss how to shift in the highly distributed workforce, where applications are transitioning to public cloud service providers for Software as a Service (SaaS), Infrastructure as a Service (IaaS) and Platform as a Service (PaaS), the castle and moat paradigm is no longer effective, and the user experience is greatly impacted.  The scope of discussion for this session covers zero trust, enabling digital transformation by securing connectivity from any user, device, or application to any user, device, or application regardless of where they are located.

This workshop will start with a brief historical perspective describing how we have arrived at the organizational imperative to implement zero trust. Next, an understanding of the current threats driving the move toward zero trust. Finally, the successful zero trust architecture is described through 7 elements broken down into three critical activities to protect users and data: 

• Verify the identity and context (who is connecting, what is the access context, and where is the connection going). 
• Control the content and access (assess risk, prevent compromise, and prevent data loss). 
• Enforce policy to either grant access, conditionally grant access, or deny access.

A period of question and answer will take place to close out the session and maximize participant take always.