Zscaler/Okta and Zero Trust

The Zero Trust approach by Zscaler is growing in popularity. More competition, but the pie is growing.

https://www.investors.com/news/technology/data-breaches-make…


“Nothing has worked up until now,” said John Kindervag, a field chief technology officer at Palo Alto Networks (PANW). “The security models we’ve come up with in the 20th century and since have all failed as evidenced by all the big data breaches.”

Kindervag told Investor’s Business Daily this is where the emerging zero-trust concept could help. Unlike traditional security, zero trust does not deem users inside a network as more trustworthy than those outside.

In a zero-trust setting, every user or device is always reverified even if inside the enterprise firewall. Is the person logging into a network the real user? Is a device compromised?

These models assume the bad guys already lurk in networks, perhaps by stealing someone’s security credentials. They aim to stop the intruders from running amok by confining them to limited access to areas inside those networks.

The concept is gaining traction both in the industry and on Wall Street.

“We are entering a ‘zero-trust’ era in cybersecurity where everything must be authenticated, authorized and tracked,” Bank of America analyst Tal Liani said in a recent report to clients.

Cyberark is in the group and might be interesting to this board.

10 Likes

These models assume the bad guys already lurk in networks, perhaps by stealing someone’s security credentials. They aim to stop the intruders from running amok by confining them to limited access to areas inside those networks.

As a cybersecurity professional, I could not agree more with this statement. On many networks today it’s simply impossible to even define what the “perimeter” is. Zero trust is the only model that makes any sense. Anyone who is willing to guarantee you than an intruder is not already inside the Enterprise is either lying or ignorant.

-Rob

7 Likes