Project Zero Trust by Finney George;Kindervag John;

Author: Finney, George; Kindervag, John
Language: eng
Format: epub
Publisher: John Wiley & Sons, Incorporated
Published: 2022-08-05T00:00:00+00:00


“The first part of Zero Trust is about knowing the business,” Dylan explained. “How we make money, what the strategy is, and where the business plans to go.”

“So what does that mean for MarchFit?” Chris asked.

“We have several lines of business,” Dylan said. “We have our retail outlets. But we also have our network of content creators that people love taking walks or runs with. And then there is our new product development that is launching a new product in a few months.”

“I think we can better align with MarchFit's Zero Trust implementation by customizing our runbooks around those different lines of business,” Chris offered. “I bet that each of those different lines of business relies on different business-critical applications, and we can tailor our monitoring to more closely mirror that first design principle. What about being inside out?”

“That has defined our approach,” Dylan said. “We've prioritized working on our most business-critical protect surfaces first, and then expanded from there.”

Chris nodded. “That makes sense. Instead of putting all your controls at the perimeter firewall, you're doing that crunchy center thing that John Kindervag talked about. It seems like we should be able to align our monitoring around those protect surfaces as they relate to those different lines of business.”

“How does the SOC know who or what needs access?” Harmony asked.

“We've recently built our own security orchestration system to help automate the runbook actions that we're able to take,” Chris said. “To be successful at this, we'd need to be able to integrate with your identity system. We use our orchestration platform to help establish behavioral norms. A behavior that's normal in one region or one department might be a critical alert if it's discovered in a different region or department. That's our secret sauce.”

“The costs of logging everything might be too high to include our MSSP in step 4,” Noor said. “Storage costs are going down all the time, but you have to admit that there's a disincentive to send everything to our MSSP since you charge based on the volume of logs. You're not charging based on how effective your service is.”

“If we're not providing value, then we would expect you to leave and find another MSSP,” Chris admitted. “And I also understand that we weren't able to detect most of the activity that led up to your ransomware infection. We need to do better, not just for you, but for all our clients. I agree that we need to have some skin in the game. But we also need a feedback loop to help MarchFit improve your controls. The more false positives we can remove by stopping bad behavior, the more time we can spend investigating real suspicious activity.”

“There are also five design principles that we're following,” Harmony said, advancing to the next slide:

1. Define the protect surface.

2. Map the transaction flows.

3. Architect a Zero Trust environment.

4. Create Zero Trust policies.

5. Monitor and maintain each protect surface.
