Insights and Ideas from Dr. Zero Trust
Dr. Chase Cunningham, a leading cybersecurity expert and originator of Forrester’s ZTX Zero Trust Extended Framework, shares the latest cybersecurity and Zero Trust news that executives need to know.

This last week we saw more conversations about how SASE and Zero Trust are related. That makes sense, these two “items” aren’t entirely divorced from one another. In truth, SASE is the modification of the Gartner CARTA model that never really took off. SASE can be considered a “method” for enabling Zero Trust when you try and push the controls from the internals of an infrastructure out to the “edge.” More interesting work in the Zero Trust world was discussed around the ideas of simplicity and IoT. It’s exciting to see so many important developments in the ZT world!

White Paper
This Week’s Posts

DoD Acting CIO Sets Sights on Stronger Zero Trust Push

Acting DoD CIO John Sherman has set his sights on generating faster progress on the implementation of zero trust security concepts.

Making Zero Trust Real

What is Zero Trust and how can it be applied in an Active Directory world? This video explains how it changes how security is perceived.

Oklahoma CISO says pandemic accelerated zero-trust implementation

Oklahoma statewide CISO Matt Singleton said the health crisis encouraged his team to accelerate its implementation of zero-trust identity management.

Four Tenets of Zero Trust Workload Protection

This webinar presents why the Zero Trust model must be re-defined and expanded to cover applications and cloud workloads during runtime.

In a Zero Trust World, Compliance Doesn’t Equal Security

A U.S. government agency can run a completely compliant network and still be breached by a trusted user’s account being exposed.

Securing Remote Work through Zero Trust Principles

With the shift to remote work, getting distributed workforces to follow best security practices isn’t a goal: It’s a necessity.

Adopting a Zero Trust Approach in Higher Education

Adopting a Zero Trust approach is imperative for helping higher education institutions reduce security risk across their environments.

Devices and zero trust

This issue of GCP Comics focuses on the role devices play in a Zero Trust environment—every device has to earn trust in order to be granted access.

Defend your Institution by Also Applying Zero Trust to Machines, Not Just Humans

This article examines why institutions should apply Zero Trust to machines as well as humans to stay protected against modern attacks.

Why Zero Trust Matters to Biomedical Engineers: 5 Benefits of Clinical Zero Trust

For healthcare organizations, a Zero Trust security strategy which tightly restricts access to data and devices can be problematic.

PHP supply chain attack, common zero trust traps, hardening CI/CD pipelines

In this article, Help Net Security provides an overview of some of last week’s most interesting news and information.

Build Zero Trust rules with managed devices

Enterprises have challenges with unmanaged or personal devices when it comes to securing data or restricting application access.

Air Force develops maturity model for zero trust across the department

The Air Force is developing a maturity model to help broaden its implementation of zero-trust principles in the foundation of its network architecture.

5 tips for implementing a zero trust model

As attackers increasingly target less traditional users, accounts and assets, organizations should consider such a zero trust model to tighten security, says CyberArk.

Zero Trust for Data

Data secured with strong enough encryption, is almost impossible to break without huge computing resources and effort. But, what makes encryption powerful is its downfall.

How Cisco Implemented Zero Trust Security during the Pandemic

Speakers Bassem Khalife, Member of Technical Staff, Cisco Raj Kumar, Architect – Information Security, Cisco discuss Cisco's Zero Trust Journey.

‘Zero Trust’: An Outdated Model?

According to Cyjax CISO, the zero trust is not aligned to the agility and the ability to collaborate" that businesses want today. It's a dated artifact of the past.

Why 2021 Is the Year for Zero Trust Security

Bad actors and market forces call for a zero-trust approach to security, making identity your new perimeter.

Episode 3: The Zero Trust Model

Make the most of a Zero Trust model to reduce risk while helping employees be more productive, regardless of where they’re working from.

How startups can go passwordless, thanks to zero trust

Passwordless-tech, a key part of zero trust models, is perceived to be costly and tricky to implementation, stalling adoption by smaller businesses.

Four ways Zero Trust will improve security at businesses

During the pandemic last year, the brilliance of information security personnel was on full display, as businesses transitioned to a remote-first approach.

Zero Trust Journey – A Security Leader’s Story

Most security professionals acknowledge that the traditional “castle-and-moat” approach to security no longer works, and would like to achieve a Zero Trust security posture in their organizations.

Zero Trust Adoption: Managing Risk with Cybersecurity Engineering and Adaptive Risk Assessment

Zero trust adoption challenges many organizations. It isn't a specific technology to adopt, but a security initiative that an enterprise must understand, interpret, and implement.

The importance of a zero trust-based approach to identity security

97 percent of senior security executives say attackers are increasingly trying to steal one or more types of credentials, a CyberArk survey reveals.

Zero Trust Manufacturing Approach Key to Balancing Complex Supply Chains and IoT Device Security

When implemented holistically, a zero-trust manufacturing architecture will ensure that a product’s firmware, data and digital credentials can be trusted through every step of the supply chain.

The Case for ‘Zero Trust’ Approach After SolarWinds Attack

The SolarWinds supply chain attack should push federal government agencies to adopt the "zero trust" model and deploy better endpoint detection.

Delivering zero trust environments with Amazon AppStream 2.0

This session is designed for Solution Architects looking to provision desktop applications in a zero trust environment and improve the usability and security of how people access applications.

Deploying zero trust security strategy in Covid-19 era

Zero trust approach effectively assumes that the perimeter is dead as a concept, and we can no longer operate on the idea of establishing a perimeter with people are working from different locations.

Zero Trust: When “Trust But Verify” Is Not Enough

When friends became enemies, we all started to wonder what’s wrong. And that quickly turns into the question of whether trust innately is the problem.

VPN’s Days Are Numbered: Here Comes Zero-Trust Security

Despite providing generally fast and reliable remote security during the COVID-19 pandemic, VPN may soon be replaced by an even more resilient technology - zero-trust security.

How Zero Trust 2.0 can answer every organisation’s cyber woes

How can Zero Trust 2.0 help enterprises shrink their attack surface and achieve greater balance between adding appropriate friction in the authentication process and protecting user experience?

How zero trust helped insulate Splunk from supply chain attack – CyberScoop

The pervasive attack on government and commercial IT systems, via SolarWinds, highlighted the need for zero trust and powerful analytics tools.

Zero Trust, ZTA, and ZTNA: What’s the Difference?

With so many similar terms and acronyms floating around, it’s important to make sure you understand what a vendor is actually talking about when you're discussing solutions.

MSPs (and SMBs) can benefit from zero trust cybersecurity

Organizations have begun to adopt zero trust cybersecurity in response to migrations to the cloud and changes to how we think about computing.

How to Navigate the Journey Towards Zero Trust Security?

With every passing day, cyber security is gaining paramount importance and its implications are constantly broadening.

What Is Zero-Trust Manufacturing?

Although the zero-trust model emerged in the cybersecurity sector, it applies to manufacturing, too. Here’s a look at why that’s the case.

Zero Trust Network Access: The Evolution of VPN

With better security, more granular control, and a better user experience, ZTNA can be a smarter choice for securely connecting your remote workforce.

What is Clinical Zero Trust?

#HealthcareNow takes on and offsite network security seriously. Learn more about securing networks and data through clinical zero trust.

Zero Trust: Guilty Until Proven Innocent

In this blog post, the writer addresses how Zero Trust powered by isolation is the only way to secure work and how this approach can be applied in the mature financial services sector.

SolarWinds Senate Hearing: Moving Forward It’s All About Zero Trust

We still don’t have a complete picture of what exactly happened during the SolarWinds attack in 2020, nor do we know the full extent yet of the damage or what the long-term impact may be....

What Zero Trust Can Bring to the Financial Sector – Banking Exchange

Financial services took a particularly hard hit in 2020 in terms of ransomware and other cyber-attacks Financial services took a particularly hard hit in 2020 in terms of ransomware and other

Why 2021 NSA Zero Trust Guidance Is Important for Federal Cybersecurity

Here's a look at the recently published NSA Zero Trust guidance. Learn what it is, why it's important, and how federal cybersecurity teams can get started.

Why the network compass is obsolete

Old labels for network traffic are out of date with government users connecting from devices outside traditional perimeters, but TIC 3.0 offers a new map.

ATARC intends to merge agency and vendor zero trust working groups

The ATARC’s parallel zero trust working groups for federal agencies and vendors intend to merge once the government side establishes use cases.

Deploying zero trust security strategy in Covid-19 era

Zero trust approach effectively assumes that the perimeter is dead as a concept, and we can no longer operate on the idea of establishing a perimeter ..

Canadian Bacon – Zero to Hero when it comes to Zero-Trust

Zero-Trust means a lot of different things to a lot of different people but we can all agree that zero-trust means exactly that! We will focus on a use case to define an approach we can take to

3 Trends That Make Zero Trust More Important Than Ever

2020 showed that organizations everywhere are under attack more than ever before. The first half of the year alone saw more attacks than all of 2019 combined – and there is no sign that will slow

Zero-Trust in a Trusting World

The NSA recommends immediately beginning to integrate the zero-trust concepts into your established environment.

Why is zero trust important for your business?

As if a pandemic wasn't enough to disrupt business operations, the year 2020 also brought in new and even bigger cybersecurity threats. And because cybersecurity threats will always be present

Why trust in Zero Trust is growing – Latest Digital Transformation Trends

Zero trust is all about making organizations not just secure for users, data and devices; but resilient and future-proof as well.

First principles and Zero Trust keys to security going forward

The idea of "first principles" – the breakdown of complicated problems into basic elements – has been around since Aristotle. It has been echoed by notable philosophers like Rene Descartes and

Why you need a Zero Trust approach in the design, manufacturing, and supply chain industry?

Zero Trust is the only approach that would enable manufacturers to implement a least privilege access.

NSA Issues Guidance on Zero Trust Security Model

The NSA published a cybersecurity product to show how deploying Zero Trust security principles can better secure enterprise networks and sensitive data.

Zero Trust for Software Updates

The next time you are evaluating a product to deploy on your network, remember to check how many network connections you are require to open.

The key to zero trust security? Changing human behavior

People are typically considered the weakest link in the cybersecurity chain because they fall prey to phishing schemes, providing an entryway into the network.

What It Takes to Implement Zero Trust With Employees Working From Home

The pandemic has changed the focus for zero trust to locking down endpoints, wherever they may be. Cloud-based services can help.

Worldwide zero trust security market size to reach $51.6 billion by 2026

The zero trust security market size is projected to grow from $19.6 billion in 2020 to $51.6 billion by 2026, recording a CAGR of 17.4%.

Here’s the Big Problem With Too Much Trust

Zero Trust refers to processes that removed all trust from end-users. But when the “trust balloon” is squeezed to remove trust from end-users, then where does it go?

3 Strategies for Selling Zero Trust Security in the Channel

Switching to a zero-trust security approach reduces exposure to potential data breaches and helps drive down fixed costs.

Securing a remote workforce with a zero-trust strategy

The sudden surge in remote work and direct-to-cloud consumption of SaaS applications are putting pressure on the role of the physical security perimeter.

How To Implement Zero Trust Security: 7 Technologies and Strategies

As CIO, you have important technology and strategic considerations to take into account as you consider implementing Zero Trust security policies.

Why We Chose the Samurai

We've been busy developing new solutions at Ericom that are pretty impressive - so impressive that we felt they deserved a new logo and branding. Here's why the samurai was the perfect choice.

Zero Trust Security Market worth $51.6 billion by 2026

A report published by MarketsandMarkets projects that the global Zero Trust Security Market size will grow from USD 19.6 billion in 2020 to USD 51.6 billion by 2026.

How Kent State University made the leap to zero-trust security

While the move from perimeter-based defense to zero-trust security remains high on most CISO’s priority lists, it’s been arguably more of a challenge for colleges and universities.

How to choose a Zero Trust architecture: SDP or Reverse-Proxy?

Zero Trust Network Access (ZTNA) is the next-generation access solution...displacing longstanding Virtual Private Networks (VPN).

Closing All DOD’s Cyber Doors with Zero Trust

Ask someone in federal IT what zero trust means and you’re likely to hear that it’s about access control: never granting access to any system, app or network ...

What does Zero Trust Architecture mean in practice?

This popular reddit post presents an interesting discussion on Zero Trust Architecture, "never trust, always verify." Enjoy reading the thought-provoking comments in this thread.

Zero Trust is not a security solution. It’s a strategy

Zero Trust is not one product or platform; it's a security framework built around the concept of "never trust, always verify" and "assuming breach."

Microsoft wraps SolarWinds probe, nudges companies toward zero trust

Some question Microsoft's decision to close the book on the investigation, and say zero trust might not have made a significant difference.

Most businesses to move away from VPNs, adopt zero-trust access model

Seventy-two percent or organizations plan to ditch VPNs, and 67 percent are considering remote access alternatives.

Customer Corner: South Central Power Company on Implementing Zero Trust

When South Central Power Company underwent a penetration test, they realized they had to make some changes.

Ericom delivering Zero Trust Browsing via our Strategic Partnerships

Ericom’s strategic partnerships deliver simplified access to critical Remote Browser Isolation (RBI) capabilities; Gartner & Forrester highlight RBI as a key part of SASE/ZT platforms.

Strengthening Zero-Trust Architecture

Organizations that want to stay ahead of cybercriminals will find that going beyond user trust and device trust is critical for outwitting their adversaries.

Time to Get Back, and Lead by Doing

Chase Cunningham explains why he's getting back in the cybersecurity trenches, and why Ericom is the Zero Trust cloud security innovator he chose.

The Role of Microsegmentation in Zero Trust Security

As one of the keys to implementing least-privilege access, microsegmentation is an essential element in the Zero Trust toolbox.

2021: The Year Zero Trust Overtakes VPN?

The year of 2020 shined a light on many of the shortfalls of VPNs. The increase in remote work led to challenges with scale, impacted user experience and even drew the eyes of threat actors.

A Zero Trust Approach to Web Browsing

Ericom VP Ravi Pather discuss the tension between business users and security teams regarding web use, and how browser isolation eliminates that tension by enabling every website to be browsed safely.

NYC Cyber Command: Embracing Our ‘Zero Trust’ Reality

As it works across more than 100 offices and agencies to prevent, detect, respond and recover from cyberthreats, the New York City Cyber Command wants help building a zero trust digital infrastructure.

Zero Trust in the Post-Pandemic Era

The COVID-19 virus and its rampage across the globe created a fundamental sea change that affected many aspects of life and business, and cybersecurity was no different.

Verify, and keep verifying: The case for a zero trust framework

in a digitally transformed world and dynamic new environment, static trust can never be assumed. Zero Trust security is at the heart of this mindset.

Akamai Technologies Acquires Inverse Inc., Adds to Zero Trust Platform

Inverse provides a robust data repository and world-class algorithms capable of identifying an expansive universe of IoT, mobile and other device types.

The Journey to Zero Trust

Zero Trust is a journey involving lengthy cycles of assessing, planning, architecting and designing, piloting, and implementing.

Browsers are the Target: Protect Them with Zero Trust Browser Isolation

Your users need the web to get their work done, but the risk of malware infection lurks on every website they browse.

Window width: