“Zero trust to me is a set of principles, and the degree to which you operate those principles is very much a risk-management exercise,” says Mike Gorman, Head of Security and Compliance at NetFoundry.
This remark set the tone for the informed dialogue Gorman recently had with Boris Khazin, our Global Head of DRM Services, in our latest #CybersecurityByDesign conversation.
The environment that requires zero-trust networking, Gorman says, is complex. “The more we advance the information age, the more we are struggling to get ahold of our security and the more we are struggling to reach the kind of business agility that we want and all of these competing factors.”
Listen to the Gorman-Khazin back-and-forth as it ranges from GDPR and CCPA, to improving the implementation of private networks, to including GRC within the software development lifecycle and the solution development lifecycle.
These are essential topics that all businesses need to address, whether they recognize the need or not.
“Vulnerabilities always exist,” says Gorman. “If you don't know about them, then there's a zero-day out there [and] some security researcher, good or bad, is gonna find it for you.”
One way to combat the bad guys: Get into the network early and protect it. “By getting the networking piece right, you can reduce the threat actor space by literally orders of magnitude,” says Gorman.
Want to start making your organization less vulnerable? Hit “play.”
Host: Alison Kotin
Engineer: Kyp Pilalas
Producer: Ken Gordon