SKIP THE SHIPPING
Use code NOSHIP during checkout to save 40% on eligible eBooks, now through January 5. Shop now.
This eBook includes the following formats, accessible from your Account page after purchase:
EPUB The open industry format known for its reflowable content and usability on supported mobile devices.
PDF The popular standard, used most often with the free Acrobat® Reader® software.
This eBook requires no passwords or activation to read. We customize your eBook by discreetly watermarking it with your name, making it uniquely yours.
Also available in other formats.
Register your product to gain access to bonus material or receive a coupon.
Before an enterprise answers How can we achieve a Zero Trust architecture? they should be asking Why are we looking at Zero Trust as an access model? Does it align with our vision? In an innovative format, Cisco security architecture expert Avinash Naduvath guides you through the philosophical questions and practical answers for an enterprise looking to start the Zero Trust journey.
A conversational model will take you from the initial stages of identifying goals and pitching solutions, through practical tasks that highlight tangible outcomesincluding common primary use casesin order to bring focus to the correct implementation and maintenance of a Zero Trust architecture.
For a future where success is measured as much by the security of a system as by the functionality, In Zero Trust We Trust is designed to help everyone at every stage and level of leadership understand not only the conceptual underpinnings, but the real-world context of when, how, and why to deploy Zero Trust security controls. This book provides the starting point for helping you change the mindset of others, and getting them to understand why Zero Trust isnt simply a conversation to be had, but a movement to embrace.
Introduction xxi
Phase 1 Mindset 1
Chapter 1 When It All Begins 3
Interview Strategies 4
Key Zenith Trust Bank Stakeholders 5
Endnote 12
Chapter 2 The Zero Trust Kaleidoscope 13
Delay in Adoption 14
Peeling the Zero Trust Onion 22
Endnotes 28
Chapter 3 Defining Zero Trust 31
Zero Trust Is Not 32
The Core of the Zero Trust Onion 37
Are We Crying After Peeling the Onion? 39
Rethink Security: A Common Breach Scenario 39
Concepts and Tenets of Zero Trust 40
Zero Trust Catalysts 46
Endnotes 53
Phase 2 Align to the Business Vision and Mission and Craft Metrics for Success 55
Chapter 4 Always Start with Why 57
Take the Time to Ask Why: Understanding the Vision 58
Aligning Zero Trust with the Enterprise Mission 59
Common Drivers for Zero Trust Adoption 73
What Matters Is Why 99
The Interview 99
Endnotes 102
Chapter 5 Measuring Zero Trust Success 103
Importance of Measurement 104
The Metrics Lifecycle 105
A Hybrid Approach 132
The Follow-Up 133
Endnote 138
Chapter 6 Understanding Zero Trust Maturity 139
The Five Pillars of Maturity for Zero Trust 140
Zero Trust Maturity Levels 157
Zero Trust Maturity Goals 160
Measurement of Maturity 162
Zero Trust Scoring Process 172
The Follow-Up 174
Endnotes 181
Phase 3 Identify Key Stakeholders and Enable a Zero Trust Team 183
Chapter 7 Zero Trust Avengers, Assemble! 185
Why Is the Team Critical? 185
Strategy and Deployment: Two Sides of a Coin 187
Security Ownership 188
Breaking the Barrier (Infrastructure, Operations, and Security) 189
DevSecOps and Its Relevance to Zero Trust 190
Key Stakeholders in a Zero Trust Team 194
Managing Your Stakeholders 204
Security Culture: The Last Piece of the Puzzle 206
The Follow-Up 209
Endnote 209
Phase 4 Develop the Target Zero Trust Architecture 211
Chapter 8 Building a Zero Trust Architecture 213
A Typical Enterprise Architecture 214
A Zero Trust Architecture Overlay 225
Conceptual Zero Trust Architecture 230
What Does a Zero Trust Policy Look Like? 240
Information Flow in the Zero Trust Architecture 243
Basic Flows in a Zero Trust System 243
Software-Defined Perimeter 252
The Deep Dive 260
Endnote 261
Chapter 9 Critical Security Mechanisms for Zero Trust Architectures 263
Zero Trust Mechanisms for Subjects (Users and Devices) 263
Zero Trust Mechanisms for Networks (Workplace) 278
Zero Trust Mechanisms for Data and Applications 285
Zero Trust Mechanisms for Visibility with Security Orchestration and Automation 289
The Deep Dive 303
Endnote 304
Phase 5 Present the Zero Trust Strategy and Metrics 305
Chapter 10 Presenting the Zero Trust Strategy 307
Presenting Zero Trust to the Enterprise 308
The Presentation 316
Phase 6 Implement, Monitor, Feedback, Repeat 325
Chapter 11 Implementation and Continuous Monitoring 327
Do Not Ignore Your Current Gaps 328
Frameworks Are Only a Reference 328
Adopt Agile for Initiatives and SAFe for the Strategy Delivery 328
Implement the Vision 331
Monitor and Enhance 336
The Serendipitous Meeting 337
Chapter 12 The Road Ahead 339
A Trusted Zero Trust Partner 342
Aim Higher, Together 343
Endnote 343
9780138237400, TOC, 1/23/2024