zero trust

Insights

BLOG

The Forrester Wave™: Zero Trust eXtended (ZTX) Ecosystem Providers, Q4 2018 — Truth

Chase Cunningham 12 hours ago

We just wrapped up five months of in-depth research focused on providing some clarity into what technologies from which vendors actually enable Zero Trust (not just talk about it). It didn’t take long to discern those among the vendor community that really embraced the strategic benefits of Zero Trust — and those that seemed to just […]

Read More
BLOG

Computational Propaganda: How Your Organization Could Be Attacked Like A Politician

Chase Cunningham October 18, 2018

Sending malicious payloads and packets is no longer the standard in threat operations. In today’s world of massive social media presence and influence, malicious actors can bring an organization to its knees — 280 characters at a time. This isn’t an attack on your infrastructure but an attack of computational propaganda aimed to shape a divisive […]

Read More
BLOG

How I Almost Got Phished And Why Training Isn't Enough

Josh Zelonis October 5, 2018

I received a text message the other day that looked a lot like what I might get from my bank if I triggered some antifraud check. The timing was impeccable; I had just used the card to pay for takeout and had walked out to my motorcycle to head home. When I initially got the […]

Read More
BLOG

Security Is Embracing Zero Trust; Get Your Federal Team In Sync

Chase Cunningham August 10, 2018

Historically, industry is more forward-leaning than government when it comes to innovation — at least at the unclassified level. But unlike most industries, the US government is driving the cybersecurity market and has been for almost the last decade. Federal fingerprints are everywhere: Where did cybercompliance start? Where did the first frameworks for cyber operations originate? […]

Read More
BLOG

Cybersecurity And Professional Sports: Securing The Internet Of Sports

Merritt Maxim July 25, 2018

Over the past few years, companies in all markets have embraced digital transformation, whether it is financial services finding new mechanisms to engage with customers or manufacturers adding sensors and other data collection components into their operational processes. These digital transformation efforts are about leveraging digital insights to drive better outcomes. Digital transformation has value in the […]

Read More
BLOG

"That’s Not My Job": I&O’s Role Shift When It Comes To Security

Chris Gardner June 25, 2018

In the halcyon days of my sysadmin youth, my team was asked to perform entitlement reviews on sensitive systems. When we were asked to determine who should have access to what, my director responded in a way I would never forget: “That’s not my job.” It sounds snarky, but he was correct. It wasn’t our […]

Read More
BLOG

"That’s Not My Job": I&O’s Role Shift When It Comes To Security

Chris Gardner June 25, 2018

In the halcyon days of my sysadmin youth, my team was asked to perform entitlement reviews on sensitive systems. When we were asked to determine who should have access to what, my director responded in a way I would never forget: “That’s not my job.” It sounds snarky, but he was correct. It wasn’t our […]

Read More
BLOG

Next-Generation Access and Zero Trust

Chase Cunningham March 27, 2018

A few years ago, the concepts of microsegmentation and microperimeters for Zero Trust were championed by former Forrester analyst John Kindervag. He showed us how those concepts and their technologies could enable a more secure enterprise. Once those concepts and their associated best practices hit the street, organizations from VMware to Cisco Systems to Palo […]

Read More
BLOG

Zero Trust on a Beer Budget

Chase Cunningham February 7, 2018

I have a good friend who has a small business (roughly 100 employees and two office locations; everything lives in the cloud, no real “network” to speak of) that is doing well. A few weeks ago, over barbecue and range time (some folks play golf, we shoot guns . . . it’s a Texas thing), […]

Read More
BLOG

What ZTX means for vendors and users

Chase Cunningham January 23, 2018

I am a huge fan of Zero Trust—the simplicity of the concept resonates with clients that read the research authored previously by John Kindervag and more recently myself. The framework’s intrinsic value to security and business processes is readily evident to those who explore how it benefits their security needs.  If we’re honest about Zero […]

Read More
BLOG

Energy Is Embracing Zero Trust, All Industries Should Too

Stephanie Balaouras May 11, 2017

I recently heard a segment on WBUR (a public radio station in Boston) on the emergence of microgrids and I was amazed at how much the concept of microgrids closely aligned with the concept of microperimeters within our Zero Trust model of information security. Zero Trust is a conceptual and architectural model for how security […]

Read More
BLOG

Zero Trust for MeatWare: It Applies to Us Humans Too

Chase Cunningham May 3, 2017

Zero Trust principles have, thus far, been mainly aimed at the network and the technology that makes our interconnected systems “live.” That’s how the concept was originally meant to be applied, but the reality of the threat vectors and need for better security capabilities means that Zero Trust has to adapt just like everything else […]

Read More
BLOG

Automation And Sharing Are Common Themes

Joseph Blankenship November 9, 2016

After years of shunning automation and information sharing efforts, the security industry is now embracing them. Every vendor conference I attended this fall talked about the need to automate some security functions in order to increase security teams' efficiency and ability to quickly detect and respond to incidents. The vendors also focused on the need […]

Read More
BLOG

Analyst Spotlight Podcast With John Kindervag

Stephanie Balaouras February 19, 2015

It's February: time for another S&R Analyst Spotlight Podcast! This month, Forrester VP, principal analyst, and Zero-Trust creator, John Kindervag, joins us. Listen in to learn more about John and his research. While you're at it, be sure to check out our First Look newsletter, which contains an interview with John along with links to […]

Read More
BLOG

TechnoPolitics Podcast: Zero Trust - Your Only Hope For A Secure Network

Mike Gualtieri April 24, 2013

With apologies to the late great President Ronald Reagan, "trust but verify" is outmoded advice when it comes to computer network security. So, why do so many information security professionals still think trusted and untrusted networks zones are still best practice? Most think that people are trusted or untrusted. The problem with that thinking is you never […]

Read More
BLOG

InfoSec, Structural Engineering, And The Security Architecture Playbook

john_kindervag November 21, 2012

Last year the country of Japan suffered a devastating disaster of unspeakable proportions. A massive earthquake on the eastern coast of the country triggered a deadly tsunami that caused the flooding of the Fukushima nuclear power plant. Three dominos fell at once, resulting in a significant and tragic loss of life and property. I visited […]

Read More
BLOG

Go Long On Glue Manufacturers

john_kindervag August 25, 2010

FLASH TRAFFIC: This just in! The Washington Post is reporting a new wrinkle in cyberwarfare. In the article Defense official discloses cyberattack, the Post reports that “malicious code placed on the [flash] drive by a foreign intelligence agency uploaded itself onto a network run by the U.S. military's Central Command.” Perhaps SkyNet has become self-aware, as […]

Read More