Zero Trust is a Mindset and Architecture of Independence

In this episode of Life of a CISO, Dr. Eric Cole focuses on Zero Trust architecture.

Zero Trust is the separation of all the parts so that breaches are isolated and do the smallest amount of damage possible.

You do this by giving each part only as much access to the network as it needs, without affecting functionality.

As a CISO, you must take all of the elements that make a security system successful into account when designing your security.

Join Dr. Cole as he explains how to effectively utilize Zero Trust in your organization.

In this episode:

  • 0:58 Even if you believe you are world class today, you have to keep working hard
  • 3:20 Secondary benefit
  • 3:53 My first 1 star review
  • 5:16 Can you define Zero Trust?
  • 7:43 Zero trust is a mindset and architecture of independence
  • 8:15 Server, application, user, data
  • 9:50 Least privilege
  • 11:28 If one server is compromised, how much damage will be done to other servers?
  • 13:53 How we isolated each store
  • 15:23 Those who don’t learn the lessons from the past are doomed to repeat it
  • 16:14 It doesn’t hurt the business
  • 17:00 Why you need zero trust
  • 18:35 If we want to prevent attacks, great…
  • 19:15 Core principles
  • 21:11 Application level
  • 22:06 Client access
  • 24:06 The worst reason
  • 25:00 Data
  • 26:36 It’s all about controlling access
  • 27:24 Wrap up