Welcome to our December Newsletter

Welcome to our final Numberline Security newsletter of the year! With the holiday season upon us (quickly followed up by 2025), it’s time to find a balance between reflecting on the past year, and planning for what’s ahead.

The season is about gift-giving, so don’t forget about the most important person in your life ... yourself!

Here are some ideas:

• A pair of warm, comfy socks - we love Bombas
• A box of the fabulous Harry & David pears - they are great to share with friends and family
• Peace of mind -- develop a Zero Trust strategy for 2025

Finally, in all seriousness, be sure to take some time off to relax, decompress, and think about things other than information security. Listen to some good music, go for a walk, cook, and spend time with friends and family.

News

• Hello, Dalí: Surrealism and Zero Trust: Not that we want to give users a surreal experience, but rather to, like Dalí, leverage best practices and proven methods, combining them in a novel and more effective way. Find our blog post here.
• Quicksand and Brick Walls: Common Enterprise Security Obstacles (and how to overcome them): The best way to navigate quicksand and brick walls is to tie security initiatives to business value. Granted this is ?sometimes easier said than done, but don’t panic. Blog post here.
• Thoughts on the new Federal Trust Data Security Guidelines: What is our take on this? And how can private sector firms benefit? ?Read the blog post here.

The View from Point Zero:

By Jason Garbis, Numberline Security Founder and CEO

I spend a lot of my time speaking to different enterprises about their security programs, and about how to best apply a Zero Trust strategy. What I find interesting is how many organizations struggle with what I call “security debt”. We’re all familiar with the concept of “tech debt”, which occurs when enterprises don’t invest the time and energy to keep their systems up to date. And like with deferred maintenance in a building, payback can be a doozy.

Technical debt, of course, also applies to security systems, but security debt is a little bit different. Security debt really manifests itself as a lack of visibility and control over the IT environment. This encompasses user activity, devices and services running on the network, and consumption of SaaS based applications. Much of this is driven by a lack of proper process and policy – that is, governance activities. Governance – including identity governance and control of workload deployment, may not be the most exciting topic, but it is among the most important.

The reason is that every action taken that follows defined processes strengthens the organization and improves its visibility, control, and resilience. Conversely, every action taken that does not follow a defined process decreases organizational visibility, resilience, and control. Which leads to worse security, increased friction, and worse user experiences – that is, security debt.

So as you plan for 2025, take a look at your governance processes across the board, and think about how they can pay dividends for you by increasing their rigor and better enforcing them. This is a balancing act - too much process and control will impede productivity – but please, let's stop digging ourselves further into security debt.

Let us help you

How ready are you? Find out the easy way by joining us for a free, 30-minute session to ensure your Zero Trust strategy is set up for success. For more information visit us here!