zero trust the flaming sword of justice
play

Zero Trust & The Flaming Sword of Justice Dave Lewis, Global - PowerPoint PPT Presentation

May 05, 2023 •421 likes •880 views

Zero Trust & The Flaming Sword of Justice Dave Lewis, Global Advisory CISO September 26th, 2018 Please Allow Me To Introduce Myself.. #WHOAMI Dave Lewis, Global Advisory CISO Castles Dont Scale Dont trust something just because

  1. Zero Trust & The Flaming Sword of Justice Dave Lewis, Global Advisory CISO September 26th, 2018

  2. Please Allow Me To Introduce Myself..

  3. #WHOAMI Dave Lewis, Global Advisory CISO

  8. Castles Don’t Scale

  9. Don’t trust something just because it’s on the “inside” of your firewall

  10. Is the password…password?

  11. No!! Now go away, or I shall taunt you a second time!

  12. Lessons From History The sack of Rome in 410 AD

  13. Remember when you only had to outrun the other hiker?

  14. Now there’s more than enough bear to go around

  15. The Flaming Sword of Justice

  16. Data Breaches

  17. The Summer of Breach 2012

  18. Been There…

  19. What’s Open In Chicago?

  20. 149,040,804

  21. Meanwhile, In Illinois

  22. So, Why Should We Be Concerned? 1,872 50,547 13,027 Open Webcams Compromised Industrial Control Databases Systems

  23. M’kay

  24. ZTN

  25. ZTN Value ● Devaluation of stolen credentials ● Low hanging fruit sours. Proposition ● Complicates lateral movement through uniform security policy. ● Attackers have to work that much harder.

  26. Unified Access Security, Value ● Devaluation of stolen credentials ● Low hanging fruit sours. Proposition ● Complicates lateral movement through uniform security policy. ● Attackers have to work that much harder.

  27. Bastion Hosts

  28. From DMZ To The Soft Chewy Centre

  29. Setting Expectations

  30. Aspire to a Zero Trust Network

  31. A Game of Increments

  32. Determining Priorities

  33. Zero Trust ● Asset Inventory. ● User Management. Shopping List ● Device Management through uniform security policy. ● Defined Repeatable Process. ● User and Entity Behavior Analytics. ● Network Zone Segmentation.

  34. Unified Access Security ● Asset Inventory. ● User Management. Shopping List ● Device Management through uniform security policy. ● Defined Repeatable Process. ● User and Entity Behavior Analytics. ● Network Zone Segmentation.

  35. The Authentications Must Flow

  36. Supply Chain Security

  37. Partner Network, Meet The Pentest

  38. SSH

  40. ZTN ● Build an asset inventory. ● Get a solid hold on user Summary management. ● What’s on your network? ● Defined Repeatable Process ● User and Entity Behavior Analytics. ● Network Zone Segmentation.

  41. Unified Access ● Build an asset inventory. ● Get a solid hold on user Security management. ● What’s on your network? Summary ● Defined Repeatable Process ● User and Entity Behavior Analytics. ● Network Zone Segmentation.

  42. The Sword Is Dissolving

  43. No Need For The Holy Hand Grenade

  44. Thanks! duo.com gattaca@ @ gattaca www.duo.com

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

SWORD-1 and SWORD-2 Dolutegravir plus Rilpivirine as Maintenance Dual Therapy SWORD-1 and SWORD-2:

SWORD-1 and SWORD-2 Dolutegravir plus Rilpivirine as Maintenance Dual Therapy SWORD-1 and SWORD-2:

Dolutegravir plus Rilpivirine as Maintenance Dual Therapy SWORD-1 and SWORD-2 Dolutegravir plus Rilpivirine as Maintenance Dual Therapy SWORD-1 and SWORD-2: Design Early Switch Phase Late switch phase Study Design: SWORD-1 and Sword-2

333 views • 9 slides
SWORD-1 and SWORD-2 Dolutegravir plus Rilpivirine as Maintenance Dual Therapy SWORD-1 and

SWORD-1 and SWORD-2 Dolutegravir plus Rilpivirine as Maintenance Dual Therapy SWORD-1 and

Dolutegravir plus Rilpivirine as Maintenance Dual Therapy SWORD-1 and SWORD-2 Dolutegravir plus Rilpivirine as Maintenance Dual Therapy SWORD-1 and SWORD-2: Design Early Switch Phase Late switch phase Study Design: SWORD-1 and Sword-2

315 views • 10 slides
The Sword & Sorcery Movies of the 1980s The Sword & Sorcery Movies of the 1980s - -

The Sword & Sorcery Movies of the 1980s The Sword & Sorcery Movies of the 1980s - -

So bad, theyre good The Sword & Sorcery Movies of the 1980s The Sword & Sorcery Movies of the 1980s - - Not covering other films like Kull the Conquerer because it was 1990s - Super cut of S & S movies Poster Promises

655 views • 61 slides
Mutual Trust in the Area of Freedom, Security and Justice Geet a nj a li Sh a rm a , PhD C a ndid

Mutual Trust in the Area of Freedom, Security and Justice Geet a nj a li Sh a rm a , PhD C a ndid

Mutual Trust in the Area of Freedom, Security and Justice Geet a nj a li Sh a rm a , PhD C a ndid a te, Freie Universit t Berlin, 26 August, 2020 Contents 1. Introduction, research question and methodology 2. Mutual trust in multilevel

1.01k views • 20 slides
FY2017 PRESENTATION SWORD GROUP Sword Group - March 18 2 AT A GLANCE IDENTITY FY2017

FY2017 PRESENTATION SWORD GROUP Sword Group - March 18 2 AT A GLANCE IDENTITY FY2017

FY2017 PRESENTATION SWORD GROUP Sword Group - March 18 2 AT A GLANCE IDENTITY FY2017 Successful, growing, financially secure and listed Consolidated Performance Software Software 28.4% 28.4% 173.5 M International 1,000+ customers 2

1.31k views • 63 slides
Preparing to Fail Changing the way we think about cyber threats Oil Rig Pic Flaming Oil Rig

Preparing to Fail Changing the way we think about cyber threats Oil Rig Pic Flaming Oil Rig

Preparing to Fail Changing the way we think about cyber threats Oil Rig Pic Flaming Oil Rig picture The asymmetric nature of the Internet The current state of cyber underground Our current approach UNCLASSIFIED 7 Software Integrity Denial

388 views • 18 slides
1. Sword Art Online Kirito Leafa Kirito Leafa Real Name: Kirigaya Kazuto Real Name: Kirigaya

1. Sword Art Online Kirito Leafa Kirito Leafa Real Name: Kirigaya Kazuto Real Name: Kirigaya

Sword Art Online is an Anime series that spands two seasons. Sword Art Online is a Virtual Reality Massively Multi- player Online Role-Playing Game. It was release in 2022 with the Nerve Gear. It stimulates the users five senses via their

560 views • 6 slides
5/25/2017 The Double-Edged Sword of Immunostains The Double-Edged Sword of Immunostains in

5/25/2017 The Double-Edged Sword of Immunostains The Double-Edged Sword of Immunostains in

5/25/2017 The Double-Edged Sword of Immunostains The Double-Edged Sword of Immunostains in Diagnosis of Breast Pathology in Diagnostic Breast Pathology Diagnostic Help Yunn-Yi Chen, MD, PhD Professor Director of Immunohistochemistry

631 views • 24 slides
Operation of Flaming Gorge Dam to Assist in Recovery of Endangered Fish Spring 2014 Bureau of

Operation of Flaming Gorge Dam to Assist in Recovery of Endangered Fish Spring 2014 Bureau of

Operation of Flaming Gorge Dam to Assist in Recovery of Endangered Fish Spring 2014 Bureau of Reclamation Upper Colorado Regional Office Flow Proposal Process Recovery Program Research Request Received Mar 21, 2014 Implement

481 views • 18 slides
Giant Sword Flower Hesperaloe funifera Size: Exposure: 6 tall x 6-8 wide Full sun,

Giant Sword Flower Hesperaloe funifera Size: Exposure: 6 tall x 6-8 wide Full sun,

Giant Sword Flower Hesperaloe funifera Size: Exposure: 6 tall x 6-8 wide Full sun, reflected heat Evergreen/Deciduous: Hardiness: Evergreen -10 degrees F. Water Needs: Bloom Period: Low Summer Fall General: Giant Sword Flower is

67 views • 5 slides
Everything you wanted to know about the China Sword Policy but were too afraid to ask Engineers

Everything you wanted to know about the China Sword Policy but were too afraid to ask Engineers

Everything you wanted to know about the China Sword Policy but were too afraid to ask Engineers Australia Sustainable Engineering Society Monday 26 th November 2018 David Rako DJR Environmental Overview of presentation What is

369 views • 15 slides
Justice! justice for ALL is the paramount responsibility of government. More important

Justice! justice for ALL is the paramount responsibility of government. More important

GOOD MORNING MY NAME IS MICHAEL ELLIOTT AND I AM AN EXECUTIVE MEMBER OF THE NATIONAL DEMOCRATIC MOVEMENT...TODAY I PRESENT A POINT OF VIEW ON JUSTICE Justice! justice for ALL is the paramount responsibility of government. More

556 views • 3 slides
Fairness is what justice really is Justice Potter Stewart U.S. Supreme Court Justice

Fairness is what justice really is Justice Potter Stewart U.S. Supreme Court Justice

Proudly Presents Fairness is what justice really is Justice Potter Stewart U.S. Supreme Court Justice The case law over the past 20 years have created new liability exposures and current municipal legislation does not provide

763 views • 45 slides
JUSTICE REINVESTMENT INITIATIVE CHAPTER 515 JUSTICE REINVESTMENT ACT WHAT IS THE JUSTICE

JUSTICE REINVESTMENT INITIATIVE CHAPTER 515 JUSTICE REINVESTMENT ACT WHAT IS THE JUSTICE

JUSTICE REINVESTMENT INITIATIVE CHAPTER 515 JUSTICE REINVESTMENT ACT WHAT IS THE JUSTICE REINVESTMENT INITIATIVE? Justice Reinvestment Initiative (JRI) is a data-driven approach to: Improve public safety by reducing recidivism Use

290 views • 5 slides
A Sword for One & A Shield for another The Chamber of Tax Consultants CA Jhankhana Thakkar

A Sword for One & A Shield for another The Chamber of Tax Consultants CA Jhankhana Thakkar

A Sword for One & A Shield for another The Chamber of Tax Consultants CA Jhankhana Thakkar 25 January 2020 Stay and Recovery Proceedings under Income Tax Act, 1961 1 1 Contents 1. Stay of Demand - Relevant Provisions - Framework -

814 views • 70 slides
The Double-Edged Sword of Ver3cal Integra3on in Health Care:

The Double-Edged Sword of Ver3cal Integra3on in Health Care:

The Double-Edged Sword of Ver3cal Integra3on in Health Care: Consolida3on & Cost Control ERIN C. FUSE BROWN, JD, MPH NASHP ANNUAL CONFERENCE

816 views • 28 slides
About Me CEO & Co-Founder at Snyk Find & Fix vulnerabilities in open source

About Me CEO & Co-Founder at Snyk Find & Fix vulnerabilities in open source

Developer as a Malware Distribution Vehicle Guy Podjarny (@guypod) @guypod About Me CEO & Co-Founder at Snyk Find & Fix vulnerabilities in open source dependencies! Founder @Blaze, CTO @Akamai Security work since

1.41k views • 119 slides
Web 2.0 Securing the Brave New World May 23, 2007 Agenda Web 2.0 What Is It?

Web 2.0 Securing the Brave New World May 23, 2007 Agenda Web 2.0 What Is It?

Web 2.0 Securing the Brave New World May 23, 2007 Agenda Web 2.0 What Is It? Security Implications, and an Example Some Emerging Use of Technology Whats Needed Web 2.0 Non-Technical Issues A Modest

395 views • 18 slides
Soteria: Offline Software Protection within Low-cost Embedded Devices Johannes Gtzfried ,

Soteria: Offline Software Protection within Low-cost Embedded Devices Johannes Gtzfried ,

Dagstuhl16: Adaptive Isolation for Predictability and Security Wadern, Germany Soteria: Offline Software Protection within Low-cost Embedded Devices Johannes Gtzfried , Tilo Mller , Ruan de Clercq , Pieter Maene , Felix

581 views • 20 slides
The Favored One Genesis 39 & 41 And the patriarchs, jealous of Joseph, sold him into

The Favored One Genesis 39 & 41 And the patriarchs, jealous of Joseph, sold him into

The Favored One Genesis 39 & 41 And the patriarchs, jealous of Joseph, sold him into Egypt; but God was with him and rescued him out of all his afflictions and gave him favor and wisdom before Pharaoh, king of Egypt, who made him

524 views • 23 slides
Firewalls David Parter University of Wisconsin Computer Sciences Department Computer Systems

Firewalls David Parter University of Wisconsin Computer Sciences Department Computer Systems

Firewalls David Parter University of Wisconsin Computer Sciences Department Computer Systems Lab dparter@cs.wisc.edu November 11, 2010 1 Topics Firewall basics Types of Firewalls Deployment scenarios Related Technologies

965 views • 83 slides
Client Puzzles Defending Against Denial-of- Service Attacks with Puzzle Auctions Outline

Client Puzzles Defending Against Denial-of- Service Attacks with Puzzle Auctions Outline

Client Puzzles Defending Against Denial-of- Service Attacks with Puzzle Auctions Outline Motivation Auction Protocol TCP Puzzle Auction TCP Client Puzzle Implementation Experiment Results Questions Defending Against

761 views • 30 slides
Advanced SSH(1) Advanced SSH(1) Prerequisites We wont cover these anymore ~/.ssh/config

Advanced SSH(1) Advanced SSH(1) Prerequisites We wont cover these anymore ~/.ssh/config

Advanced SSH(1) Advanced SSH(1) Prerequisites We wont cover these anymore ~/.ssh/config public-key authentication Ed25519 or RSA Port Forwardings scp(1), sftp(1) tar cf - ./files | xz | pv | \ ssh $host cat ">"

1.01k views • 72 slides
Session 6 Network Protections: DoS, Firewall and IDS Sbastien Combfis Fall 2019 This work

Session 6 Network Protections: DoS, Firewall and IDS Sbastien Combfis Fall 2019 This work

I5020 Computer Security Session 6 Network Protections: DoS, Firewall and IDS Sbastien Combfis Fall 2019 This work is licensed under a Creative Commons Attribution NonCommercial NoDerivatives 4.0 International License. Objectives

1.08k views • 53 slides

More recommend