This post was originally published on Network Computing
The recent Forrester Security & Risk Summit in Baltimore featured government cybersecurity officials discussing a newly published guide on zero trust and evaluating the next steps for the security model.
In fact, Forrester is known for introducing the zero-trust security model back in 2009. The motto “never trust, always verify” suggests a least-privilege approach. Former Forrester analyst John Kindervag, now a chief evangelist at Illumio, was an initial champion of zero trust.
In a Dec. 10 panel, cybersecurity leaders discussed “Navigating the Federal Zero Trust Data Security Guide,” which the federal CISO and CDO Councils published on Oct. 31. The guide, developed by 70 people from more than 30 federal agencies and departments, offers a breakdown of how government agencies and organizations should think about data risks. The goal is to provide a practical guide on how to implement zero trust.
A Holistic View of Data and Security
During the session, Steven Hernandez, CISO in the US Department of Education and co-chair of the US federal CISO Council, discussed how the guide could teach federal and private cybersecurity professionals to think from both a zero-trust and data perspective.
“It’s interesting because we talk about how to harness data, so we use a lot of behavioral analytics and logs from our systems,
— Read the rest of this post, which was originally published on Network Computing.