Sign up to save your podcasts
Or
Share Sese Bennett on Zero Trust [Podcast]
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Sese Bennett on Zero Trust [Podcast]
By Adam Turteltaub
Compliance teams have long advocated for building more trust in the workplace. That is good idea for the corporate culture, but, counsels Sese Bennett, a virtual CISO for CereCore Advisory Services, going the exact opposite way may be better for your IT security. There he advocates organization never trust and always verify.
So, what is a zero trust approach? It assumes that just because someone has logged in to your system doesn’t mean that person is who he says he is or that she can access the entire system. In practice that means carefully controlling access both into the network and within it. It means preventing people from accessing a low value part of the network and giving that person access to higher value servers. It means having a system that knows an individual doesn’t, say, normally login from Pakistan at 4:00 in the morning. It monitors sudden changes of usage.
Importantly, he explains, a zero trust approach is not necessarily intrusive. Users won’t be forced to login repeatedly to prove who they are. Instead, it can work behind the scenes and be invisible to the end user.
Listen in to learn more, including what teams you will need internally to adopt a zero trust approach and potentially better protect your data from breaches.
View all episodes
By SCCE
4.8
3434 ratings
By Adam Turteltaub
Compliance teams have long advocated for building more trust in the workplace. That is good idea for the corporate culture, but, counsels Sese Bennett, a virtual CISO for CereCore Advisory Services, going the exact opposite way may be better for your IT security. There he advocates organization never trust and always verify.
So, what is a zero trust approach? It assumes that just because someone has logged in to your system doesn’t mean that person is who he says he is or that she can access the entire system. In practice that means carefully controlling access both into the network and within it. It means preventing people from accessing a low value part of the network and giving that person access to higher value servers. It means having a system that knows an individual doesn’t, say, normally login from Pakistan at 4:00 in the morning. It monitors sudden changes of usage.
Importantly, he explains, a zero trust approach is not necessarily intrusive. Users won’t be forced to login repeatedly to prove who they are. Instead, it can work behind the scenes and be invisible to the end user.
Listen in to learn more, including what teams you will need internally to adopt a zero trust approach and potentially better protect your data from breaches.
More shows like Compliance Perspectives
View all
The Joe Rogan Experience
229,674 Listeners
Hidden Brain
43,687 Listeners
Wait Wait... Don't Tell Me!
38,950 Listeners
Making Sense with Sam Harris
26,380 Listeners
Pivot
9,724 Listeners
FCPA Compliance Report
20 Listeners
Up First from NPR
56,944 Listeners
Stay Tuned with Preet
32,354 Listeners
Corruption Crime & Compliance
43 Listeners
GZERO World with Ian Bremmer
837 Listeners
Compliance into the Weeds
12 Listeners
Daily Compliance News
7 Listeners
The Ezra Klein Show
16,525 Listeners
On with Kara Swisher
3,538 Listeners
The Mel Robbins Podcast
20,222 Listeners