Peer-Driven Insights

Zero Trust

Featured One-Minute Insights

Sept 2024

How are U.S. CISOs Addressing Liability Risk?

New regulations taking effect in the U.S. mean that cybersecurity leaders could face legal liability in the event of an incident. What strategies are they using to protect themselves?
How are U.S. CISOs Addressing Liability Risk?

Community Posts

If you’ve implemented zero trust identity and access management, what tools have been most effective at enforcing strict access controls?

Read More Comments

What are the key pieces in a zero trust architecture assessment?

What are some effective approaches to access provisioning?

Read More Comments

How do you foresee the data security and privacy landscape changing over the course of 2023?

Read More Comments

If you haven’t adopted a zero trust strategy, what are your reasons for not doing so?

Read More Comments

I am trying to find a definitive definition of what a logical air gap is. There are various mechanisms of backup access isolation that can be employed but it seems to be a very gray area in terms of an explicit definition. Has anyone come across a definition that might even include a sliding scale of more restrictive logical air gap defenses? For example, I think about several access related configurations that could involve Role based security, MFA, SDN, Firewall, WAN, etc.

Zero trust is the biggest cybersecurity advancement in the past decade.

Strongly agree10%

Agree55%

Neutral23%

Disagree7%

Strongly disagree2%

View Results

Are single sign-on and zero trust compatible?

Yes, both can work together77%

No, one contradicts the other21%

Not sure2%

View Results

My security analyst is recommending we shut off access to third-party personal email accounts to reduce the risk of attack as a result of phishing attempts through these platforms.  Is this something many companies do?

Read More Comments

We are looking at implementing role-based access controls on some of our SaaS platforms due to entry into emerging markets. Does anyone have best practices to share?

Read More Comments

Thoughts on cybersecurity mesh architecture (CSMA)? Is it just a new buzzword or a genuine step up from Zero Trust and SASE?

Read More Comments

Does the term "novel attack" resonate with security teams? or does "unknown attack" resonate better? What would you consider novel/unknown attacks? Does your current threat detection solution detect novel/unknown attacks?

Read More Comments

How has your zero trust strategy shifted in the last year, if at all? (And if nothing’s changed, how are you thinking about evolving it in the next year or so?)

Read More Comments

Endpoint Protection and Utilization of E5 Features:

- Do you use Microsoft Defender EDR for Endpoint EDR? If not, what product do you use (e.g., CrowdStrike, SentinelOne, CarbonBlack)?

- If you have Microsoft E5 licenses, are you utilizing all features as your primary and only solution for each domain (e.g., Endpoint protection, Information protection, vulnerability management)? Or do you have other solutions in place either alongside or in place of the included capabilities in E3/E5?

Read More Comments

In terms of ZeroTrust and organizations building out their environments in such a way that makes sense and minimizes risks. As a medium to large enterprise, are you satisfied with your progress to date? To riff a bit more on this topic , NIST 800-207 is a good read, it covers both greenfield and continuous improvement ZeroTrust scenarios. Similar to data compliance, I think most of us never experience greenfield.

Yes59%

No24%

Unsure10%

Too early to tell6%

View Results

Hello.  I'd like to get peer insight on Windows Hello for Business, specifically:

1) Are you currently using or actively planning to implement Windows Hello for Business?    If you're using it, do you have it deployed to all users/devices or only a subset of users/devices (e.g. only Executives, only in the IT area, not in manufacturing areas, only Sales, etc).

2) Do you require ADDITIONAL step-up authentication for when users access critical applications and/or sensitive information?  If so – how are you doing this? (e.g., MS Authenticator MFA prompt, other 3rd party Authenticator solution, FIDO2 solution, etc)

3) Did you have any challenges with overall lifecycle management or operational challenges?   (e.g. users forgetting their PIN, laptop replacement/hardware issues, user experience complaints, etc.)

Thanks very much.