To Trust or Zero Trust?
Whether you call it BeyondCorp, zero trust, or any other kind of model, the issue of trust is central to how you configure your access policies.
Wendy Nather is Head of Advisory CISOs at Cisco’s Duo Security, based in Austin, Texas. She was previously the Research Director at the Retail ISAC, as well as Research Director of the Information Security Practice at independent analyst firm 451 Research. Wendy led IT security for the EMEA region of the investment banking division of Swiss Bank Corporation (now UBS), and served as CISO of the Texas Education Agency. She speaks regularly on topics ranging from threat intelligence to identity and access management, risk analysis, incident response, data security, and societal and privacy issues. Wendy is co-author of The Cloud Security Rules, and was listed as one of SC Magazine’s Reboot Leadership “Influencers” in 2018 and Women in IT Security “Power Players” in 2014.
Whether you call it BeyondCorp, zero trust, or any other kind of model, the issue of trust is central to how you configure your access policies.
What's hot at RSAC this year? Wendy Nather talks BeyondCorp, identity, passwordless authentication, security system UX, software security maturity and more.
By juggling different factors to rebalance the risk, you’re employing adaptive authentication: adapting to the current estimated level of risk at the time of login. If you think of authentication factors as being like a hand of cards, you can play the cards that you think are appropriate at each point in your game.
When you’re trying to parlay a multi-factor authentication (MFA) product into a solution that complies with current requirements and stays ahead of future ones, it’s hard to tell which way the ship is sailing.
In our first blog post introducing the BeyondCorp concept, we discussed what organizations should think about when trying it for themselves. In this post, we’ll talk about creating access policies.