April 21

Webinar Takeaway: Zero Trust-Modelle ohne Reibungsverluste umsetzen

Security

0  comments

My key takeaways

  • the concept of pure perimeter security (inside is good, outside is evil) is outdated
  • What is zero trust
  • To implement a zero trust concept a lot of components and different software can be used. But in a broad scenario it increases the probability of a miss due to the increasing complexity
  • Compromised credentials are used in 80% of all breaches
  • EDR are good in detecting malware and attack tools but not the anormal use of valid credentials
  • Detecting anomalies in the behaviour of users or systems offers a good chance of detecting an attacker
    • e.g. on a computer which is usually only used by a dedicated user, another user is logging in
      • may be valid, may be an indicator of compromise => send MFA request to this user to verify validity

Env

Tags

anomaly detection, authentication, zero trust

You may also like

Boosting Cybersecurity in German SMEs with Gamification and Serious Play

TL;DR Gamified cybersecurity training offers an engaging and effective way to improve security awareness and practices within German SMEs. The ALARM Information Security project demonstrates the success of integrating gamification into training, enhancing retention and understanding of cybersecurity principles. By leveraging customized game scenarios, regular workshops, and participatory feedback loops, SMEs can bolster their cybersecurity

Read More

Unlock Effective Cybersecurity: Simplify Policies with the Clarity of the OSI Model

TL;DR Diving into the essence of effective cybersecurity, this article shines a light on the transformative power of simplifying policy language, inspired by the OSI model’s structured communication layers. It goes beyond theoretical insights, offering actionable strategies for CISOs to demystify complex jargon and make cybersecurity policies accessible and engaging for every team member. Highlighting

Read More
Leave a Comment