Events , Governance & Risk Management , RSA Conference

Where Organizations Falter in Their Zero Trust Approaches

Cloud Security Alliance CEO Jim Reavis Offers Recommendations
Jim Reavis, CEO, Cloud Security Alliance

Network segmentation and microsegmentation are ways to contain the blast radius of a cyberattack and prevent hackers from spreading laterally. Within the cloud, network segmentation ties into zero trust. Yet the diversity of information systems with different levels of criticality poses challenges.

See Also: Guiding Your Leadership Team Through the Zero Trust Mindset

Organizations should start small and map network flows to the attack surface and thereafter be prepared to continually verify the segmentation architecture, said Jim Reavis, CEO of the Cloud Security Alliance.

When organizations fail at implementing network segmentation and zero trust, they may have tried to start too big.

"They're trying to come up with something that is a technical architecture for the entire organization instead of having a strategy for the organization and technical architectures and implementations that are wrapped around specific protect surfaces."

Reavis recommends getting "very granular" into DevSecOps, containerization and serverless - with "very granular least privilege" in those specific areas.

In this video interview with Information Security Media Group at RSA Conference 2023, Reavis also discusses:

  • Enhancing security with microsegmentation and zero trust;
  • Organizational missteps in a zero trust approach;
  • The charter of the CSA Zero Trust Advancement Center.

Reavis has extensive experience in the information security industry as an entrepreneur, speaker, technologist and business strategist. He is also the president of Reavis Consulting Group, where he advises security companies, governments and large enterprises on trends such as cloud, mobility and IoT.


About the Author

Rahul Neel Mani

Rahul Neel Mani

Founding Director of Grey Head Media and Vice President of Community Engagement and Editorial, ISMG

Neel Mani is responsible for building and nurturing communities in both technology and security domains for various ISMG brands. He has more than 25 years of experience in B2B technology and telecom journalism and has worked in various leadership editorial roles in the past, including incubating and successfully running Grey Head Media for 11 years. Prior to starting Grey Head Media, he worked with 9.9 Media, IDG India and Indian Express.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.