
Zero Trust & The Flaming Sword of Justice, Dave Lewis, Global Advisory CISO (PowerPoint presentation)

  1. Zero Trust & The Flaming Sword of Justice Dave Lewis, Global Advisory CISO September 26th, 2018

  2. Please Allow Me To Introduce Myself...

  3. #WHOAMI Dave Lewis, Global Advisory CISO

  4. Castles Don’t Scale

  5. Don’t trust something just because it’s on the “inside” of your firewall

  6. Is the password…password?

  7. No!! Now go away, or I shall taunt you a second time!

  8. Lessons From History The sack of Rome in 410 AD

  9. Remember when you only had to outrun the other hiker?

  10. Now there’s more than enough bear to go around

  11. The Flaming Sword of Justice

  12. Data Breaches

  13. The Summer of Breach 2012

  14. Been There…

  15. What’s Open In Chicago?

  16. 149,040,804

  17. Meanwhile, In Illinois

  18. So, Why Should We Be Concerned? 1,872 Open Webcams ● 50,547 Compromised Databases ● 13,027 Industrial Control Systems

  19. M’kay

  20. ZTN

  21. ZTN Value Proposition ● Devaluation of stolen credentials. ● Low hanging fruit sours. ● Complicates lateral movement through uniform security policy. ● Attackers have to work that much harder.

  22. Unified Access Security, Value Proposition ● Devaluation of stolen credentials. ● Low hanging fruit sours. ● Complicates lateral movement through uniform security policy. ● Attackers have to work that much harder.

  23. Bastion Hosts

  24. From DMZ To The Soft Chewy Centre

  25. Setting Expectations

  26. Aspire to a Zero Trust Network

  27. A Game of Increments

  28. Determining Priorities

  29. Zero Trust Shopping List ● Asset Inventory. ● User Management. ● Device Management through uniform security policy. ● Defined Repeatable Process. ● User and Entity Behavior Analytics. ● Network Zone Segmentation.

  30. Unified Access Security Shopping List ● Asset Inventory. ● User Management. ● Device Management through uniform security policy. ● Defined Repeatable Process. ● User and Entity Behavior Analytics. ● Network Zone Segmentation.

  31. The Authentications Must Flow

  32. Supply Chain Security

  33. Partner Network, Meet The Pentest

  34. SSH

  35. ZTN Summary ● Build an asset inventory. ● Get a solid hold on user management. ● What’s on your network? ● Defined Repeatable Process. ● User and Entity Behavior Analytics. ● Network Zone Segmentation.

  36. Unified Access Security Summary ● Build an asset inventory. ● Get a solid hold on user management. ● What’s on your network? ● Defined Repeatable Process. ● User and Entity Behavior Analytics. ● Network Zone Segmentation.

  37. The Sword Is Dissolving

  38. No Need For The Holy Hand Grenade

  39. Thanks! @gattaca ● www.duo.com
