Project Zero Trust - A Story About a Strategy for Aligning Security and the Business

Read more

Informationen zum Autor GEORGE FINNEY is the Chief Security Officer at Southern Methodist University. He has taught Cybersecurity at SMU and been recognized as one of the top 100 Chief Information Security Officers in the world by CISOs Connect. He has over 20 years' experience in the industry with startups, global telecommunication firms, and nonprofits. Klappentext Implement Zero Trust initiatives efficiently and effectivelyIn Project Zero Trust: A Story About a Strategy for Aligning Security and the Business, George Finney, Chief Security Officer at Southern Methodist University, delivers an insightful and practical discussion of Zero Trust implementation. Presented in the form of a fictional narrative involving a breach at a company, the book tracks the actions of the company's new IT Security Director.Readers will learn John Kindervag's 5-Step methodology for implementing Zero Trust, the four Zero Trust design principles, and how to limit the impact of a breach. They'll also find:* Concrete strategies for aligning your security practices with the business* Common myths and pitfalls when implementing Zero Trust and how to implement it in a cloud environment* Strategies for preventing breaches that encourage efficiency and cost reduction in your company's security practicesProject Zero Trust is an ideal resource for aspiring technology professionals, as well as experienced IT leaders, network engineers, system admins, and project managers who are interested in or expected to implement zero trust initiatives. Zusammenfassung Implement Zero Trust initiatives efficiently and effectivelyIn Project Zero Trust: A Story About a Strategy for Aligning Security and the Business, George Finney, Chief Security Officer at Southern Methodist University, delivers an insightful and practical discussion of Zero Trust implementation. Presented in the form of a fictional narrative involving a breach at a company, the book tracks the actions of the company's new IT Security Director.Readers will learn John Kindervag's 5-Step methodology for implementing Zero Trust, the four Zero Trust design principles, and how to limit the impact of a breach. They'll also find:* Concrete strategies for aligning your security practices with the business* Common myths and pitfalls when implementing Zero Trust and how to implement it in a cloud environment* Strategies for preventing breaches that encourage efficiency and cost reduction in your company's security practicesProject Zero Trust is an ideal resource for aspiring technology professionals, as well as experienced IT leaders, network engineers, system admins, and project managers who are interested in or expected to implement zero trust initiatives. Inhaltsverzeichnis About the Author xi Acknowledgments xiii Foreword xv Introduction xxi Chapter 1: The Case for Zero Trust 1 Key Takeaways 10 Chapter 2: Zero Trust Is a Strategy 13 Key Takeaways 26 The Four Zero Trust Design Principles 27 The Five-Step Zero Trust Design Methodology 27 The Zero Trust Implementation Curve 27 Chapter 3: Trust Is a Vulnerability 29 Key Takeaways 39 Chapter 4: The Crown Jewels 43 Key Takeaways 54 Chapter 5: The Identity Cornerstone 57 Key Takeaways 71 Chapter 6: Zero Trust DevOps 73 Key Takeaways 83 Chapter 7: Zero Trust SOC 87 Key Takeaways 100 Chapter 8: Cloudy with a Chance of Trust 103 Key Takeaways 113 Chapter 9: A Sustainable Culture 117 Key Takeaways 129 Chapter 10: The Tabletop Exercise 133 Key Takeaways 147 Chapter 11: Every Step Matters 151 Key Takeaways 159 Appendix A: Zero Trust Design Principles and Methodology 165 The Four Zero Trust Design Principles 165 The Five-Step Zero Trust Design Methodology 166 A...

List of contents

About the Author xi
 
Acknowledgments xiii
 
Foreword xv
 
Introduction xxi
 
Chapter 1: The Case for Zero Trust 1
 
Key Takeaways 10
 
Chapter 2: Zero Trust Is a Strategy 13
 
Key Takeaways 26
 
The Four Zero Trust Design Principles 27
 
The Five-Step
 
Zero Trust Design Methodology 27
 
The Zero Trust Implementation Curve 27
 
Chapter 3: Trust Is a Vulnerability 29
 
Key Takeaways 39
 
Chapter 4: The Crown Jewels 43
 
Key Takeaways 54
 
Chapter 5: The Identity Cornerstone 57
 
Key Takeaways 71
 
Chapter 6: Zero Trust DevOps 73
 
Key Takeaways 83
 
Chapter 7: Zero Trust SOC 87
 
Key Takeaways 100
 
Chapter 8: Cloudy with a Chance of Trust 103
 
Key Takeaways 113
 
Chapter 9: A Sustainable Culture 117
 
Key Takeaways 129
 
Chapter 10: The Tabletop Exercise 133
 
Key Takeaways 147
 
Chapter 11: Every Step Matters 151
 
Key Takeaways 159
 
Appendix A: Zero Trust Design Principles and Methodology 165
 
The Four Zero Trust Design Principles 165
 
The Five-Step Zero Trust Design Methodology 166
 
Appendix B: Zero Trust Maturity Model 167
 
Appendix C: Sample Zero Trust Master Scenario Events List 171
 
Appendix D: For Further Reading 179
 
Standards, Frameworks, and Other Resources 179
 
Case Studies 180
 
Google BeyondCorp Papers 180
 
Books 181
 
Hardening Guides 181
 
Glossary 183
 
Index 191