Professional Documents
Culture Documents
Foundations of Zero Trust - Webinar
Foundations of Zero Trust - Webinar
Brennan Bouchard,
Multi-Domain Architect
Cisco Security
• Review challenges facing security teams
Agenda
• Understand the shortcomings of traditional security approaches
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
The threat landscape is evolving faster than our approach.
By 2021, more than 75% of midsize and 50% increase in the number of applications 55% of organizations do not have an
large organizations will have adopted a supported by an organization over next two accurate inventory of assets3
multicloud and/or hybrid IT strategy1 years2
The result: Limited network visibility and long times to breach detection
The average time to identify a breach in 2020 was 207 days4
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1. Gartner Predicts., 2. IDG Report, August 2019, 3. ZK Research 2019, 4. Ponemon report, 2020
When we trust too much… Malware Bypasses
Perimeter Defenses
Attack Monetized
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
So, what went wrong?
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Building blocks of every organization
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Simply adding headcount or tools won’t solve the problem.
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 Cisco 2017 Annual Cybersecurity Report 2 Cisco 2017 Annual Cybersecurity Report 3 Cisco 2016 Mid-Year Cybersecurity Report
Improve
Monitoring &
Identify Gaps
Break Down
Drive
Organizational
Standardization
Silos
Site
Reliability
Engineer
Blameless Post-
A Different
Automate Triage
Mortems & Root
& Response
Cause Analysis
Security Operations
Detect/Remediate
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Applying SRE Practices
to Cybersecurity
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• Never assume trust
• Always verify
Zero Trust
Principles
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
The CIA Triad
Information Security Fundamentals
Confidentiality
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Zero Trust
is maturing
Emergence of regulations
and standards US Cybersecurity and Infrastructure Security Agency (CISA) Zero Trust Pillars
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Requiring closer integration & coordination than ever.
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential CISA Applying Zero Trust Principles to Enterprise Mobility – March 2022
What it takes to get Zero Trust right
Zero Trust requirements
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Zero Trust: Assume Malicious Until Proven Otherwise
Device Compliant
BYoD iPad
Network HTTPS
Encrypted
Native Integrations & SRE Magic TLS 1.3
=Restricted Access
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
No magic,
continuously
evolving progress
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Maturity in
Zero Trust is:
• Continuous Validation
• Real Time Analytics
• Dynamic Policy
• Strong Integrations
• Constant Device Monitoring
• Learning Based Threat Protection
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential CISA Zero Trust Maturity Model – June 2021
Enabling security across the full app stack
From dev to runtime
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Facilitating complete visibility
On-premises network
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Working together to maximize effectiveness
Services: Talos Incident Response | Secure Managed Detection and Response | Identity Services Engine (ISE)
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
This is only the beginning
Join us for our upcoming webinars in the series
• Instruction on how to use identity Joe Duggan • How security teams are gaining Oxana Sannikova
and verification tools to success after adopting
Product Manager, Multi-Domain Technical
strengthen your security posture automation practices in their
Security Operations, Solutions Architect, Global
own zero trust security
Cisco Zero Trust / Duo Security Architecture Team,
programs
Cisco
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Thank you
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential