Security architecture is changing. Zero Trust is a response to accelerating trends that include flexible working, bring your own device (BYOD) and more services moving to the cloud. The increasing complexity of enterprise infrastructure has outpaced legacy methods of perimeter-based network security, which are also insufficient for preventing lateral movement once attackers have breached a network boundary.
We need a new security paradigm. “No trust without verification" - removing inherent trust from the network and gaining confidence in users, devices and services - can be challenging to implement in a complex and shifting landscape of people, processes and systems. This session will focus on guiding principles and practical techniques that can be applied to plan your journey to Zero Trust in a complex hybrid environment.
Define Zero Trust architecture design principles.
Describe how Zero Trust architecture design principles can be applied in a hybrid environment.
Understand the challenges of implementing Zero Trust architecture design principles in a hybrid environment with legacy systems, and be able to describe how to begin the journey to a Zero Trust architecture.
CISSP-ISSAP, CISM, CDPSE,
Lead Security Architect,
The Scottish Government