Intelligent CIO Middle East Issue 82 - Page 76

t cht lk

t cht lk

We can no longer use traditional perimeter-based security practices and it can significantly hinder progress if we try to do so . training session every six months is not really going to move the needle in terms of effective detection of malicious activity . We should focus on trying to ensure that we can provide the best available environment for our employees to work in .
What are the principles of Zero Trust and how challenging is it to achieve ? creates additional pressure on security to keep up . Security can often get bypassed in the race to push out a new application , with only minimal controls in place , which could create a wider attack service .
A greater number of companies have expressed an interest recently in taking a Zero Trust approach , in addition to getting a greater understanding of what it entails .
Richard Meeus – Director of Security , Technology and Strategy for Akamai
Users and applications are no longer defined by location . As a result , we can no longer use traditional perimeter-based security practices and it can significantly hinder progress if we try to do so .
How confident do you believe CISOs are regarding their employees ’ ability to apply sound cyber judgement ?
A recent Gartner report highlighted that 88 % of CISOs said they were not confident in this regard . It ’ s important to remember that when it comes to security , employees such as accountants , lawyers , nurses , salespeople and call handlers are being asked to identify clever criminal activity – something that is well outside of their normal job function . A one-hour
Zero Trust means removing location as an arbiter of trust in the corporate world – which means that being in the office does not grant you more trust than if you are connecting from your home . It also means that every request to use an application must be authenticated Continuous authentication and authorisation is an important aspect of Zero Trust , to check whether the individual is exactly who they say they are and is entitled to access those given assets .
What are some of the key questions CISOs should consider while embarking on Zero Trust journeys ?
The first key areas to understand are your assets ; data , applications , platforms and users . It is essential
76 INTELLIGENTCIO MIDDLE EAST www . intelligentcio . com