E-book: Zero Trust Journey Across the Digital Estate [Taylor & Francis e-book]

  • Format: 212 pages, 5 Tables, black and white; 14 Line drawings, black and white; 47 Halftones, black and white; 61 Illustrations, black and white
  • Publication date: 01-Sep-2022
  • Publisher: CRC Press
  • ISBN-13: 9781003225096
  • Taylor & Francis e-book
  • Price: 170,80 €*
  • * price that provides access for an unlimited number of simultaneous users for an unlimited time
  • Regular price: 244,00 €
  • You save 30%
"Zero Trust is the strategy that organizations need to implement to stay ahead of cyber threats, period. The industry has 30 plus years of categorical failure that shows us that our past approaches, while earnest in their efforts, have not stopped attackers. Zero Trust strategically focuses on and systematically removes the power and initiatives hackers and adversaries need to win as they circumvent security controls. This book will help you and your organization have a better understanding of what Zero Trust really is, recognize its history, and gain prescriptive knowledge that will help you and your enterprise finally begin beating the adversaries in the chess match that is cyber security strategy."

Dr. Chase Cunningham (aka Dr. Zero Trust), Cyberware Expert

Today's organizations require a new security approach that effectively adapts to the challenges of the modern environment, embraces the mobile workforce, and protects people, devices, apps, and data wherever they are located. Zero Trust is increasingly becoming the critical security approach of choice for many enterprises and governments; however, security leaders often struggle with the significant shifts in strategy and architecture required to holistically implement Zero Trust.

This book seeks to provide an end-to-end view of the Zero Trust approach across organizations' digital estates that includes strategy, business imperatives, architecture, solutions, human elements, and implementation approaches that could significantly enhance these organizations' success in learning, adapting, and implementing Zero Trust. The book concludes with a discussion of the future of Zero Trust in areas such as artificial intelligence, blockchain technology, operational technology (OT), and governance, risk, and compliance.

The book is ideal for business decision makers, cybersecurity leaders, security technical professionals, and organizational change agents who want to modernize their digital estate with the Zero Trust approach.
Author Biographies
Foreword
Acknowledgment
Introduction
What Is Unique about This Book?
Additional Resources
PART 1 History, Introduction, and Fundamentals of Zero Trust
1 History of and Introduction to Zero Trust
1.1 Driving Forces
1.2 What Is Zero Trust?
1.3 The Inception of Zero Trust Concept
1.3.1 Cloud Security Alliance's Software Define Perimeter and Zero Trust
1.3.2 Google's BeyondCorp Zero Trust Model
1.3.3 Gartner's CARTA Framework for Zero Trust
1.3.3.1 CARTA'S Zero Trust Implementation Approach
1.3.4 Netflix's LISA Model for Zero Trust
1.3.4.1 LISA Principles
1.3.5 Forrester's ZTX Framework
1.3.6 NIST SP 800:207 Zero Trust Framework
1.3.6.1 NIST's Zero Trust Architecture Foundation
1.3.6.2 Policy Engine
1.3.6.3 Policy Administrator
1.3.6.4 Policy Enforcement Point
1.3.7 The Open Group Zero Trust's Approach
1.3.7.1 Key Requirements for Zero Trust as per the Open Group
1.3.7.2 Organizational Value and Risk Alignment
1.3.7.3 Guardrails and Governance
1.3.7.4 Technology
1.3.7.5 Security Controls
1.3.8 Microsoft's Zero Trust Principles
1.4 Why Zero Trust Is Important
1.5 Benefits of Zero Trust
1.6 Zero Trust Principle Redefined
1.6.1 Re-Examine All Default Access Controls
1.6.2 Micro-Segmentation
1.6.3 Preventing Lateral Movement
1.6.4 Leverage a Variety of Preventative Techniques
1.6.5 Enable Real-Time Monitoring and Controls to Identify and Halt Malicious Activity Quickly
1.6.6 Align to the Broader Security Strategy
1.7 Zero Trust for Everyone
1.7.1 Government
1.7.2 Enterprises
1.7.3 Small and Medium Businesses
1.7.4 Consumers
1.8 Chapter Summary
2 Zero Trust -- Disrupting the Business Model
2.1 Why Business Leaders Care about Zero Trust
2.1.1 Agility Fuels Digital Transformation
2.1.2 The New (Reduced) Cost of Doing Business
2.1.3 Business Leaders' Commitment to Support Zero Trust Adoption
2.2 Zero Trust Starts with a Culture
2.2.1 Know Your Organization
2.2.2 Inspire Trust
2.2.3 Managing Up and Around
2.2.4 A Philosophy of Ownership
2.3 Paradigm Shift in the Business Model
2.4 Zero Trust Security Is Vital for Hybrid Work
2.5 Human Elements of Zero Trust
2.5.1 Role of the Chief Information Officer
2.5.2 Role of Security Professionals
2.5.3 Using a Zero Trust Framework to Solve the Skills Gap
2.5.4 Role of Employees
2.6 Chapter Summary
PART 2 Current Status and Best Practices of the Zero Trust Journey
3 Zero Trust Maturity and Implementation Assessment
3.1 Need for a Zero Trust Maturity Model
3.2 Our Unique Approach to a Zero Trust Maturity Model
3.2.1 Zero Trust Cybersecurity Maturity Assessment Toolkit
3.2.2 How to Use the Zero Trust Cybersecurity Maturity Assessment Tool?
3.3 Microsoft's Three-Stage Maturity Model
3.3.1 Zero Trust Assessment Using Microsoft Compliance Manager
3.3.1.1 First Thing First: What Is Compliance Manager?
3.3.1.2 Zero Trust Integration for the Data Protection Baseline Template
3.4 CISA's Zero Trust Maturity Model
3.5 Forrester's ZTX Security Maturity Model
3.6 Palo Alto Zero Trust Maturity Assessment Model
3.7 Chapter Summary
4 Identity Is the New Security Control Plane
4.1 Why Identities and Why Now?
4.2 Identity -- Building Trust in the Digital World
4.3 Implementation Pillars
4.3.1 Unification
4.3.1.1 Zero Trust Principle
4.3.1.2 Architecture Placement
4.3.1.3 Flow
4.3.1.4 Actionable Questions Checklist
4.3.1.5 Additional Focus Points and Considerations
4.3.1.5.1 End-to-End
4.3.1.5.2 Web and Non-Web Perspectives
4.3.1.5.3 Service Accounts
4.3.2 Context
4.3.2.1 Zero Trust Principle
4.3.2.2 Architecture Placement
4.3.2.3 Flow
4.3.2.3.1 Behavioral Baseline Flow (Learning Phase)
4.3.2.3.2 Single Authentication Flow
4.3.2.4 Actionable Questions Checklist
4.3.2.5 Additional Focus Points and Considerations
4.3.2.5.1 Complete Authentication Trail
4.3.2.5.2 Behavioral Profile
4.3.2.5.3 Unified Risk Analysis
4.3.3 Enforcement
4.3.3.1 Zero Trust Principle
4.3.3.2 Architecture Placement
4.3.3.3 Flow
4.3.3.4 Actionable Questions Checklist
4.3.3.5 Additional Focus Points and Considerations
4.3.3.5.1 Complete Environment Coverage
4.3.3.5.2 Access Policies Zoom-In
4.3.3.5.3 Rule-Based Policies
4.3.3.5.4 Pattern-Based Policies
4.3.3.5.5 Risk-Based Policies
4.3.4 Granularity
4.3.4.1 Zero Trust Principle
4.3.4.2 Architecture Placement
4.3.4.3 Flow
4.3.4.4 Actionable Questions Checklist
4.3.4.5 Additional Focus Points and Considerations
4.3.4.5.1 Resource vs. Network Segment
4.3.4.5.2 From Segment to Resource
4.3.4.5.3 From Resource to Access Attempt
4.3.4.5.4 Recap of the Assume Breach Component
4.4 Priorities for Modernizing Identity
4.4.1 Priority 1: Unify Identity Management
4.4.1.1 Control 1.1: Enable Single Sign-On
4.4.1.2 Control 1.2: External Identities
4.4.1.3 Control 1.3: Enable Passwordless Approach When Possible
4.4.1.4 Control 1.4: Automatic Provisioning
4.4.1.5 Control 1.5: Device Integration
4.4.1.6 Control 1.6: Managed Identities
4.4.2 Priority 2: Implement Secure Adaptive Access
4.4.2.1 Control 2.1: Secure Adaptive Authentication
4.4.2.2 Control 2.2: Block Legacy Authentication
4.4.2.3 Control 2.3: Protect Against Consent Phishing
4.4.2.4 Control 2.4: Equal Focus on On-Prem Identity
4.4.3 Priority 3: Identity and Access Governance
4.4.3.1 Control 3.1: Automate Provisioning and De-Provisioning
4.4.3.2 Control 3.2: Access Lifecycle Management and Separation of Duties
4.4.3.3 Control 3.3: Follow the Least Privilege Principle
4.4.4 Priority 4: Integrate and Monitor
4.4.4.1 Control 4.1: Log and Operationalize Identity Monitoring
4.4.4.2 Control 4.2: Integrate Identity for Auto Detection and Response
4.5 Chapter Summary
5 Zero Trust Architecture Components
5.1 Zero Trust Components Overview
5.2 Implementation Approach and Objectives
5.3 Protect the Data
5.4 Zero Trust in Multi-Cloud and Hybrid Environments
5.4.1 Customer Case Study: Zero Trust in the Hybrid Environment
5.4.1.1 About the Organization
5.4.1.2 Current Challenges
5.4.1.3 Top Three Challenges Faced While Implementing New Zero Trust Architecture
5.4.1.4 Impact and Benefits Achieved by a Zero Trust Project
5.5 Secure Access Service Edge and Zero Trust
5.5.1 Secure Access Service Edge Architecture Overview
5.5.1.1 Policy Evaluation and Enforcement Points
5.5.1.2 Microsoft Capabilities
5.5.2 Customer Case Study: Secure Access Service Edge Implementation
5.5.2.1 Current Situation and Current Challenges
5.5.2.2 Technology Solutions Used to Overcome the Challenges
5.5.2.3 Impact and Benefits Achieved
5.6 Identity Component
5.6.1 Identity Architecture Overview
5.6.1.1 Silverfort and Azure AD Integrated Identity Zero Trust Solution
5.6.1.2 Unification
5.6.1.3 Silverfort's "Bridging" Capability
5.6.1.4 Context
5.6.1.5 Enforcement
5.6.1.6 Granularity
5.6.1.7 Illustrative Example: Protecting PowerShell to Domain Controller Access
5.6.2 Customer Case Study: Unified Identity Management with Zero Trust
5.6.2.1 About the Organization
5.6.2.2 Current Challenges
5.6.2.3 Technology Solutions Used to Overcome Existing Challenges
5.6.2.4 Top Three Challenges Faced While Implementing New Zero Trust Architecture
5.6.2.5 Benefits Achieved by Implementing Zero Trust Architecture
5.7 Endpoint or Devices Component
5.7.1 Endpoint or Devices Architecture Overview
5.7.1.1 Customer Case Study: Unified Endpoint or Device Management with Zero Trust
5.7.1.1.1 About the Organization
5.7.1.1.2 Current Challenges
5.7.1.1.3 Technology Solutions Used to Over the Challenges
5.7.1.1.4 Top 5 Challenges Faced While Implementing New Zero Trust Architecture
5.7.1.1.5 Impact and Benefits Achieved with Zero Trust Architecture
5.8 Application Component (on Prem, Legacy, Cloud, Mobile App)
5.8.1 Application Architecture Overview
5.9 Data Component
5.9.1 Data Architecture Overview
5.9.1.1 Mobile Application Management
5.9.1.2 End-to-End Encryption for Data Protection
5.9.2 Customer Case Study: Data Loss Prevention and Data Security Zero Trust
5.9.2.1 About the Organization
5.9.2.2 Current Situation Before the Zero Trust Model
5.9.2.3 Technology Solutions Used for Zero Trust Architecture
5.9.3 Top Three Challenges Faced While Implementing New Zero Trust Architecture
5.9.4 Impact and Benefits with Zero Trust Architecture
5.10 Infrastructure Component
5.10.1 Infrastructure Deployment Objectives
5.10.2 Network Component
5.10.3 Network Architecture Overview
5.10.3.1 Segment and Enforce the External Boundaries
5.10.3.2 Network Segmentation
5.10.3.3 Threat Protection
5.10.3.4 Encryption
5.11 Zero Trust and Operational Technology Component
5.11.1 A Practical Approach for Deploying Zero Trust for Operational Technology
5.11.2 Internet of Things and Operational Technology Architecture with Zero Trust Principles
5.12 Zero Trust and Security Operation Center
5.12.1 Security Operation Center Automation and Orchestration with Zero Trust
5.12.2 Security Operation Center Architecture Components
5.13 Defining DevOps in a Zero Trust World
5.13.1 Customer Case Study: DevOps and Application Security with Zero Trust
5.13.1.1 About the Organization
5.13.1.2 Current Situation and Current Challenges prior to Zero Trust Implementation
5.13.1.2.1 Mergers and Acquisitions
5.13.1.2.2 Office Engineering
5.13.1.3 Technology Solutions Used for Zero Trust Architecture
5.13.1.4 Top Three Challenges Faced While Implementing New Zero Trust Architecture
5.13.1.5 Impact and Benefits of Zero Trust
5.14 Chapter Summary
6 Zero Trust Project Plan and Program Approach
6.1 The Brave New World
6.2 Working Together as One Team
6.3 Journey to Zero Trust
6.4 Phase 1: Project Planning and Strategy Consideration
6.4.1 Phase 1.1: Is Zero Trust Project Right for You?
6.4.2 Phase 1.2: Build Your Strategy and Approach Using the Right Zero Trust Framework
6.4.3 Phase 1.3: Secure Support and Buy-In from All Stakeholders
6.4.4 Phase 1.4: Identify Key Interdependencies Across the Organization
6.5 Phase 2: Zero Trust Maturity Level and Project Roadmap
6.5.1 Phase 2.1: Building the Zero Trust Project Roadmap
6.6 Phase 3: Zero Trust Components Implementation Roadmap
6.6.1 Phase 3.1: Create a Roadmap to Increase Maturity for the Identity Domain
6.6.2 Phase 3.2: Create a Roadmap to Increase Maturity for the Endpoint Domain
6.6.3 Phase 3.4: Create a Roadmap to Increase Maturity for the Application Domain
6.6.4 Phase 3.5: Create a Roadmap to Increase Maturity for the Data Domain
6.6.5 Phase 3.6: Create a Roadmap to Increase Maturity for the Network Domain
6.6.6 Phase 3.7: Create a Roadmap to Increase Maturity for the Infrastructure Domain
6.6.7 Phase 3.8: Create a Roadmap to Increase Maturity for the Visibility, Analytics, Automation, and Orchestration Domains
6.7 Phase 4: Continuous Evaluation and Project Monitoring
6.8 Good, Bad and Ugly -- Learnings from Early Adoption of Zero Trust
6.9 Chapter Summary
PART 3 Future Horizon of Zero Trust
7 Future Horizon of Zero Trust
7.1 Enabling Zero Trust with Artificial Intelligence
7.1.1 Role of Artificial Intelligence from Zero Trust to Zero Authentication
7.2 Blockchain Technology as Zero Trust Enabler
7.2.1 Blockchain Technology
7.2.2 Decentralized Finance
7.3 Embracing Zero Trust for the Internet of Things and Operational Technology
7.3.1 Cybersecurity for the Internet of Things
7.3.2 A Practical Approach for Implementing Zero Trust for the Internet of Things
7.4 Zero Trust in Governance, Risk, and Compliance
7.4.1 Zero Trust Is the Best Digital Risk Management Approach
7.4.2 The Convergence of Data Governance and Zero Trust
7.5 Chapter Summary
Index
Abbas Kudrati, Binil A. Pillai