In the episode, Tripwire’s Maurice Uenuma discusses the role of integrity when it comes to zero trust architecture. With results from our latest research survey on The White House’s Executive Order and zero trust, he and Tim make the case that zero trust cannot be maintained without proper Integrity controls at its foundation.

Spotify: https://open.spotify.com/show/5UDKiGLlzxhiGnd6FtvEnm
Stitcher: https://www.stitcher.com/podcast/the-tripwire-cybersecurity-podcast
RSS: https://tripwire.libsyn.com/rss
YouTube: https://www.youtube.com/playlist?list=PLgTfY3TXF9YKE9pUKp57pGSTaapTLpvC3

Breaches and cybersecurity incidents are making headlines every day. What are you doing to be prepared? One way to protect an organization is by using a zero trust architecture. Another way is to use integrity monitoring. Maurice Uenuma, vice president of federal and enterprise at Tripwire, possesses a wealth of knowledge on these two topics. He shared some insights on how to make these approaches a reality for your security program.

Tim Erlin: While it would be hard to miss this topic in the industry today, we should probably start with a brief discussion of what zero trust architecture means.

Maurice Uenuma: There are several different definitions out there, but the one most relevant for me is that zero trust is a set of design principles, an overarching strategy for security that eliminates implicit trust and that shifts the burden of assessing and validating the trustworthiness of individuals or devices onto a per-session basis based on what they’re trying to accomplish in that moment. There is not an assumption that just because they have logged into a particular enterprise environment with valid credentials that they now can be trusted throughout the entire time that they’re in the environment. It really segments it down into brief sessions focused on whatever specific service or target set of data that is being accessed.

TE:  Yes, and it’s helpful here to point out the (Read more...)