Do you have a security strategy? Do you need one? And what does this have to do with Zero Trust?
Thanks to those of you who joined us for the inaugural meeting of The Neighborhood ( https://numberlinesecurity.com/theneighborhood/ ), our new Zero Trust practitioner peer community. This was a great conversation, with people bringing different perspectives on how they and their enterprises are approaching Zero Trust.
Our topic for this session was Zero Trust as a Security Strategy, and I want to highlight one specific point that we discussed, which was around the definition of a Security Strategy.
We all agreed that Zero Trust is a security strategy, but had to talk through what exactly we meant by a security strategy, and how this strategy manifested itself within their enterprises. I’m distilling this down here, but essentially we agreed that a security strategy is what you use to define your vision, prioritize investments (time and budget), and define the structure of your security team and program. So far, this is straightforward, but the interesting bit was when someone made the offhand comment that “this is the first time that we’ve actually had a security strategy”.
This sparked a great and intense discussion – and the consensus was that in general, information security organizations don’t have a strategy in place, so the adoption of Zero Trust is actually the first time they’ve defined one. That is - Zero Trust isn’t replacing an existing security strategy, it’s sparking the team to create their first ever security strategy.?
And this is a fundamentally important, but often overlooked aspect of Zero Trust. In fact, I don’t think I ever thought of it this way before this conversation!?
领英推荐
So treat Zero Trust as not just a way to implement information security best practices, but also as a way to for the first time give your team a unified way of thinking about and approaching security within your enterprise.?
Interested in exploring this further, and talking about how a Zero Trust strategy can benefit your enterprise? Sign up for a free, 30-minute one-on-one Zero Trust Strategy Kickstart session : https://ms.numberlinesecurity.com/ztsk?
We’ll use this time to share our deep experience helping enterprises define and launch successful Zero Trust initiatives, and we’ll walk you through the What, Why and How of our Zero Trust Strategy methodology. After this session, you'll be ready to define and execute a Zero Trust strategy that will be highly effective for your enterprise, and be able to rapidly and incrementally deliver results.
Sign up here https://ms.numberlinesecurity.com/ztsk
We look forward to meeting with you.
Secure Cloud Adoption Instructor and Board Advisor. CCSK CCZT and more.
2 个月Looks like Zero Trust is the catalyst we have been waiting for to bridge the gap between governance, architecture and technology.