Where Organizations Falter in Their Zero Trust Approaches
Cloud Security Alliance CEO Jim Reavis Offers Recommendations
Network segmentation and microsegmentation are ways to contain the blast radius of a cyberattack and prevent hackers from spreading laterally. Within the cloud, network segmentation ties into zero trust. Yet the diversity of information systems with different levels of criticality poses challenges.
Organizations should start small, map network flows to the attack surface, and then be prepared to continually verify the segmentation architecture, said Jim Reavis, CEO of the Cloud Security Alliance.
When organizations fail at implementing network segmentation and zero trust, they may have tried to start too big.
"They're trying to come up with something that is a technical architecture for the entire organization instead of having a strategy for the organization and technical architectures and implementations that are wrapped around specific protect surfaces."
Reavis recommends getting "very granular" into DevSecOps, containerization and serverless - with "very granular least privilege" in those specific areas.
In this video interview with Information Security Media Group at RSA Conference 2023, Reavis also discusses:
- Enhancing security with microsegmentation and zero trust;
- Organizational missteps in a zero trust approach;
- The charter of the CSA Zero Trust Advancement Center.
Reavis has extensive experience in the information security industry as an entrepreneur, speaker, technologist and business strategist. He is also the president of Reavis Consulting Group, where he advises security companies, governments and large enterprises on trends such as cloud, mobility and IoT.