Zero trust implemented correctly will reduce barriers to innovation.
RSA CONFERENCE – The importance of untrustworthy security in the face of increasingly sophisticated cyber threats took center stage on the second day of this week’s RSA Virtual Conference.
In a speech, Mary O’Brien, Executive Director of IBM Security, spoke about his company’s zero-trust security efforts. She also spoke with Mauricio Guerra, CEO of Dow Chemical, on the company’s move to zero trust.
“Zero trust offers a better way to deal with the complexity of security that challenges our businesses today,” said O’Brien. “Traditionally, security has focused on creating a perimeter of protection around valuable assets. It has worked well for decades for the majority of our valuable assets. But that’s not how we do business anymore. Today, it’s not uncommon for all of your users, data, and applications to operate in different environments. And everything must connect to each other quickly, transparently and securely. “
In his heart, zero trust is a multidimensional approach to addressing risk and protecting data where nothing is inherently reliable, she said.
Zero trust helps Dow manage the new environment and the ecosystem it must support now, Guerra said.
“I’m referring to the new reality of the digital age where we have more mobile users, cloud apps, IoT and IoT devices… when the Internet is our new network,” he said. “So we had to transform our cybersecurity program and practices. And the answer we found was the adoption of a trustless architecture. “
The Dow Zero Trust Journey
Guerra said he first understood Dow digital transformation, results and business priorities.
“We decided to start with a trustless network architecture because that’s what we needed to allow our users to have full access to all forms of the internet, cloud, services, etc.” he said. “One of the first deliverables of our zero trust model was therefore secure Internet access. Second, we have provided secure access to our various locations, replacing the data pools we previously had. We are replacing our telecommunications network and Zero Trust is helping us with an SD-WAN solution. “
And being a manufacturing company, IoT is a high priority for Dow, Guerra said. Dow therefore designs and implements secure models to manage all of the new devices it implements in the manufacturing space.
“And finally, this is the whole area of conditional access and authentication,” he said. “Overall, zero trust gives us the flexibility to meet all business needs, but in a secure manner.”
During implementation zero trust safety, it’s important to plan what you want to achieve and write a detailed, multi-year roadmap, Guerra said. Also, be prepared to review it to make sure you hit your goals.
A zero-trust approach done correctly will reduce barriers to innovation by integrating security and privacy into the design and development of new services, O’Brien said. In addition, it will facilitate the migration to a modern infrastructure that gives customers and your staff secure and frictionless access to the services they need.
“And this will prioritize continuity and resilience by making it easier to monitor the contact space for internal and external threats that would compromise the availability of critical assets and operations,” she said.
Microsoft, a big proponent of zero trust
Vasu Jakkal is Vice President of Security, Compliance and Identity at Microsoft. She said Microsoft was a “passionate supporter” of …