Blog
Featured Topics
-

Vendor Risk in a Zero Trust Model
The SolarWinds supply chain compromise, the Kaseya VSA ransomware attack, and the MOVEit Transfer exploitation demonstrated a consistent pattern: attackers…
-

Board-Level Reporting on Zero Trust
Boards of directors are under unprecedented pressure to demonstrate active oversight of cybersecurity risk. The SEC’s 2023 cybersecurity disclosure rules…
-

Governance Models in Zero Trust
Most organizations approach Zero Trust as a technology initiative, focusing on deploying identity providers, microsegmentation platforms, and endpoint detection tools.…
-

Policy Design for Enterprise Zero Trust
Zero Trust without well-designed policies is nothing more than a collection of security tools generating alerts. The policy layer is…
-

Mapping Zero Trust to GDPR
The General Data Protection Regulation fundamentally changed how organizations must think about personal data. GDPR requires that personal data be…
-

Compliance (ISO 27001, SOC 2) and Zero Trust
Organizations pursuing ISO 27001 certification or SOC 2 attestation frequently discover that the controls required by these frameworks align closely…
-

Zero Trust in Healthcare
Healthcare organizations face a security paradox that few other industries encounter. The imperative to share patient data rapidly across clinical…
-

Zero Trust for Financial Institutions
Financial institutions operate in one of the most targeted threat landscapes in existence. Banks, insurance companies, investment firms, and payment…
-

Infrastructure as Code and Zero Trust
Infrastructure as Code (IaC) is both a powerful enabler of Zero Trust and a potential attack vector that must itself…