Professional Documents
Culture Documents
Threat
Digital
Identity&&Attack
Forensics
TechnologyAccess
Governance,
Cloud Security
Application Simulation
&&Incident
Management
Solutions
Risk
Security Response
Compliance Services
Services
Services
Services include:
include:
Services include:
include:
include:
Security
Active
Incident
Cloud
IAM Architecture
Directory
Response
Security
Business
Strategy Review
Security
Retainer
Health
Resilience
Application ReviewAssessment
Check
Assessments
Security Program
Our
We Our
Our
OurOur
cloud
offer team
DFIR
team
team ofof
team
security
tactical white
ofIAM
security
GRC hatyou
helps hackers'
prepare
practitioners
architecture
practitioners
professional
assessment and mimics
can
and for,
help
services
strategy real-world
respond
you
professionals
consultants
help
Your attacks
to
Can
solutionsand
develop
provide
provideto
organization
to help
efficiently
anyou
assist identify
Identity
with
you resolve
gain
with exploitable
strategy
an
guidance security
control
all yourtoand
in-depth of your
proactive attack
incidents
roadmap
assessment
develop or
AWS,
and vectors
to
that
enhance
Azure,
reactive Firewall
IoT asAssessment
Incident
Assessments
Cloud Response
Security
Implementation
CISO Services
Assessment
a Service
Application services
Security Assessment
in
that your
Minimize
gives
Your
Google,
application bestorganization’s
business
isinformation
senior
Oracle, SaaS
security security
or ITa program.
impact.
forleadership
your business.infrastructure,
comprehensive
Multi-Cloud
efforts. security
technical
environment
withcontrol
review.
a “Securityimplementations
We focus
First” and human
on strategy.
numerous Our behavior.
areasservices
of your cover all NGFW
Cloud
Mobile asApplication
Penetration
Ransomwarea Service
Testing
Security
Identity
Compliance Investigation
Engineering
Governance
Assessment andand
Security Response
& Administration
Advisory (IGA)
AssessmentServices
network
aspects of cloudsecurity, emailand
security andhelp
the the
youoption to digital
with your
Data
Cloud
CloudSecurity
Threat
Penetration
Access
Risk Hunting
Security Testing
andModeling
Discovery
Strategy
Assessments
Management
Application Threat Services
& Architecture
(AM)
validate security technologies deployed on the
transformation.
endpoint. Security
TedTabletop
ContainerAnalytics
Teaming/Purple
PrivilegedExercises
RansomwareSecurity
Access as aArchitecture
Service
Teaming
Readiness
Management
Assessment
(PAM)
Application Security Review
Zero
Social Trust
Incident
Security
Scan Workshop
Engineering
Response
Program
& Verify Enablement
Review and Strategy
Vulnerability
Incident
Third
Secure Response
Party
CodeManagement
Risk Plan Development
Management
Review
Vulnerability
IR Playbook
Secure Management
& Runbook
Configuration asCreation
a Service
Review
Wireless
DigitalSecurity
Training Forensics
Assessment
Services
& Education
Zero Trust
Mike Louis, Senior Security Architect
Why do we need a new ➢ Mobile Workers Will Be 60% of the Total U.S.
Workforce by 2024, (IDC)
Model? ➢ Perimeter security controls are limited with the
increase of cloud and mobile applications
Servers
Wired Storage
• Digital Transformation Disruption Desktops Containers
of Trust Networking
• Some Outsourced Services
Corporate DevOps
• Applications Everywhere
Laptops B2C Cloud Services
• Users working from Anywhere
• Third Party Vendor Access Middleware
Corporate
Smartphones Legacy Security
Stack
Servers
• Heavy Cloud and Mobile Use Wired Storage
• Mixed Ownership of Assets Desktop Containers
• SAAS/IAAS/PAAS B2C Cloud Services
• Containers/Micro-Services Corporate
• IOT/OT Security Devices DevOps
• 3rd Party Vendor Access Common
B2C Cloud Services
Plant /
Manufacturing 3rd Party laptops BYOD IOT
● “Organizations should seek to incrementally implement zero trust principles, process changes, and
technology solutions that protect their data assets and business functions by use case”
-> Establish Trust ---- Enforce Access Policy based on Least Privilege - Monitor and Maintain-->Refine
Process
Zero Trust Maturity Model (CISA)
Micro-Segmentation/Nano-Segmentation
• Identify key stakeholders • Identify High Value Assets • Technology Selection • Develop Zero Trust • Knowledge Transfer and
and Classification Policy Process Configuration Policies Operational Training
• Review Zero Trust Business
Drivers • ZTA Use Case Architecture • Gap Remediation • Test and Validate Policies in • Exception and Change
Gap Analysis Pilot Groups Remediation Training
• Capture use cases and • Detailed Design Document
requirements • Determine Success Criteria & Signoff • Document Exception Process • Configuration and Device
and Perform Final Policy Management Procedure
• Review existing Architecture • Zero Trust Roadmap • Review and update Zero Tuning
Trust Roadmap • Quarterly Health checks &
• Zero Trust Policy Rollout Best Practice Assessment
• Update Zero Trust (Phased)
Business Outcomes • Visibility and Violation
• Next Day Support Monitoring Tuning
Zero Trust Use Case
Review Zero Trust Business Drivers
● Work from Anywhere, Secure Cloud Applications
● Limit Access to Role and Entitlements
● Proliferation of SaaS apps
● Premise-based Trust is inadequate for securing workforce
● Hire from Anywhere, Secure access
Z E R O T R U S T
M E T H O D O L O G Y
Review Next Steps
● Scopes and Proposals for Transform and Maintain Phases
Pilot Scope ● Additional Pilots/Testing
Complete
Security Gaps Remediation
● Remediate enterprise dependencies for production rollout
Production Deployment
● Department Rollouts for ZTNA Use Cases
● Policy Tuning and Final Adjustments
Z E R O T R U S T
M E T H O D O L O G Y
Update Security Processes
● Document Operational Procedures
● Staff training for upgrades and MACDs
Transform
Automation and Orchestration Planning
● Workflow Designs and Process Review
● Automation Policy Testing
Operational Manual
● Monitoring Use Cases for Least Privilege
● Data Sources
● Dashboards and Reporting
Assess and Evaluate
• Zero Trust Readiness, Planning and Design
• Zero Trust Cloud Readiness Design
• Identity Access Management Assessment/Design
• Product Evaluations and Pilots
Platform As a Service
• Platform-As-A-Service for Zero-Trust