How to meet security and device trust challenges in the 2020s In the digital era, a 20th century perimeter-based approach to security is no longer appropriate or effective in securing the modern extended enterprise. Instead, a more flexible, identity-based approach is required that can be implemented at every layer of IT, from devices and networks to applications and data.
Today, most employees are using a mix of corporate-owned and personal devices to access applications, data, and services on-prem and in the cloud, often from outside the corporate network. Only by implementing strict identity verification and least-privilege access policies for every user, device, and application can enterprises secure a mobile and remote workforce.
This approach is commonly known as the Zero Trust approach to security, but it is not a product or even a technology. Adopting a Zero Trust approach to security requires a major paradigm shift in many aspects of IT and even core business processes of an organization, but provides the key to securing access to critical systems and data in the 21st century.
Martin Kuppinger, Principal Analyst at KuppingerCole, will look at how Zero Trust has matured over the past decade, and where it still has to go in the light of the evolution of business, IT, and cybersecurity. He will also look at what organizations must do to implement a Zero Trust approach, and why this is about concepts first, then tools.
Richard Archdeacon, Advisory CISO for EMEA at Duo Security, will explore the concept of a Zero Trust access model strategy for the extended workforce and enterprise, and explain how leading organizations are using this approach to secure access to their critical applications and data in five logical steps.
Richard is the Advisory CISO for the EMEA region. He was previously with DXC - HPE - where he was a Chief Technologist in the Security Practice working with clients across all industries and regions. Prior to that, he worked for Symantec for many years. He has also held posts with security industry organisations such as IAAC and the IISP, and has worked on cyber resilience reports with the World Economic Forum.
Martin Kuppinger is Founder and Principal Analyst at KuppingerCole, a leading analyst company for identity focused information security, both in classical and in cloud environments. Prior to KuppingerCole, Martin wrote more than 50 IT-related books and is known as a widely-read columnist and author of technical articles and reviews in some of the most prestigious IT magazines in Germany, Austria and Switzerland. He is also a well-established speaker and moderator at seminars and congresses. His interest in Identity Management dates back to the 80ies, when he also gained considerable experience in software architecture development. Over the years, he added several other fields of research, including virtualization, cloud computing, overall IT security, and others. Having studied economies, he combines in-depth IT knowledge with a strong business perspective.