Category: Handbooks
-
Handbook: Applying Zero Trust Principles in a Cloud-Centric World
Zero Trust … but to Which Cloud? In the cloud-centric world enterprises increasingly operate in, there are different interesting environments that zero trust principles should be applied to. One of them we’ve somewhat talked about the evolution of the enterprise IT network. That network is becoming more and more obsolete, slowly being replaced with different…
-
Handbook: Environments
One challenge of being a CISO is understanding scope: when a colleague tells you a truth (hypothetically “We patch our systems regularly”), in what environment is that true? Maybe they’re just referring to the core Windows Domain servers, or possibly to desktops, but it’s easy for executives, including CISOs, to hear that as “we do…
-
Handbook: Zero Trust Principles
In the 2010s, the cybersecurity community was introduced to the concept of zero trust, the idea that implicitly trusting remote systems might be a … bad idea. John Kindervagt coined the term while at Forrester Research, although practical applications were developed in parallel elsewhere. In response to the breaches from Operation Aurora, Google implemented its…