Events , Governance & Risk Management , RSA Conference

Zero Trust: Lessons Learned and Lessons Identified

CIS CISO Sean Atkinson on Risk Management, Privacy Controls and Compliance
Sean Atkinson, CISO, Center for Internet Security

As COVID-19 made remote work more prevalent, managing identity through both network and remote capabilities became a challenge for organizations. Zero trust is a big initiative for the Center for Internet Security, but applying zero trust principles to its infrastructure has not been easy, said Sean Atkinson, CISO at CIS. "You are never done with zero trust implementation," he said.

See Also: Zero Trust: Approaches, Use Cases, and Myths Debunked

Zero trust implementation is not a "set and done" approach, Atkinson said. Practical implementation and organizationwide adoption of zero trust are crucial, as is undergoing a maturity cycle to ensure organizations have the right tools and appropriate security controls for implementing identity throughout their organization.

"There are lessons learned, and there are lessons identified. One of the things CIS is doing is managing identity through the network," he said. "Our envisionment of infrastructure is no longer within the four walls. COVID-19 has set a remote capability, so we've now got to manage that underlying infrastructure as an approach to integrate security."

In this video interview with Information Security Media Group at RSA Conference 2023, Atkinson also discussed:

  • The three most common data breach risks organizations are facing;
  • The challenges for security organizations in defending against threats;
  • Tips for avoiding data breaches.

Atkinson uses his broad cybersecurity expertise to direct strategy, operations and policy to protect the Center for Internet Security's enterprise of information assets. His responsibilities include risk management, communications, applications and infrastructure. Prior to CIS, he served as global information security compliance officer for GlobalFoundries. Prior to that, he led the security implementation for New York's statewide financial system.

About the Author

Anna Delaney

Anna Delaney

Director, ISMG Productions

An experienced broadcast journalist, Delaney conducts interviews with senior cybersecurity leaders around the world. Previously, she was editor-in-chief of the website for The European Information Security Summit, or TEISS. Earlier, she worked at Levant TV and Resonance FM and served as a researcher at the BBC and ITV in their documentary and factual TV departments.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.