In Zero Trust We Trust

Avinash Naduvath is a renowned security architect in the Customer Experience (CX) Security Services division at Cisco Systems. As part of CX-Security, he has delivered multiple solutions to help secure customer networks. The range of services included incepting secure architectures, designs, technology advisories, best practice recommendations, and security assessments.   Prior to his current role in Cisco, Avinash was part of the technical services for security in Cisco-Bangalore and has helped troubleshoot and secure networks for multiple customers. He is a subject matter expert in next-generation firepower technology. Previous to this, Avinash was part of the professional services team in Cisco-Bangalore as a network consulting engineer.   Avinash has over 10 years of experience in the information security domain, having worked on multiple aspects of security such as secure engineering and secure architecture. He has a passion for offensive security and has spoken on various topics at conferences such as Cisco SECCON and the Offensive Summit held at Cisco. Avinash has also contributed to and created multiple automation projects that have helped accelerate the security business. He is currently based in Singapore and enjoys presenting topics relevant to Zero Trust and its adoption.   He holds a master’s degree in software systems from BITS Pilani, and is a Certified Information Systems Security Professional (CISSP), Cisco Certified Internetwork Expert—Security (CCIE), CompTIA Advanced Security (CASP+) practitioner, SABSA Charted Architect–Foundations and has acquired Cloud Security Alliance’s Certified Competence in Zero Trust (CCZT) among many security-based certifications he has accumulated during the course of his career. Avinash is a Certified Forrester’s Zero Trust Adoption practitioner and is also the author of the award-winning fictional novel Mindbender (Literary Titan Silver Book Awardee and a Feathered Quill finalist).

    Introduction xxi

Phase 1 Mindset 1

Chapter 1 When It All Begins 3

    Interview Strategies 4

    Key Zenith Trust Bank Stakeholders 5

    Endnote 12

Chapter 2 The Zero Trust Kaleidoscope 13

    Delay in Adoption 14

    Peeling the Zero Trust Onion 22

    Endnotes 28

Chapter 3 Defining Zero Trust 31

    Zero Trust Is Not… 32

    The Core of the Zero Trust Onion 37

    Are We Crying After Peeling the Onion? 39

    Rethink Security: A Common Breach Scenario 39

    Concepts and Tenets of Zero Trust 40

    Zero Trust Catalysts 46

    Endnotes 53

Phase 2 Align to the Business Vision and Mission and Craft Metrics for Success 55

Chapter 4 Always Start with “Why” 57

    Take the Time to Ask Why: Understanding the Vision 58

    Aligning Zero Trust with the Enterprise Mission 59

    Common Drivers for Zero Trust Adoption 73

    What Matters Is Why 99

    The Interview 99

    Endnotes 102

Chapter 5 Measuring Zero Trust Success 103

    Importance of Measurement 104

    The Metrics Lifecycle 105

    A Hybrid Approach 132

    The Follow-Up 133

    Endnote 138

Chapter 6 Understanding Zero Trust Maturity 139

    The Five Pillars of Maturity for Zero Trust 140

    Zero Trust Maturity Levels 157

    Zero Trust Maturity Goals 160

    Measurement of Maturity 162

    Zero Trust Scoring Process 172

    The Follow-Up 174

    Endnotes 181

Phase 3 Identify Key Stakeholders and Enable a Zero Trust Team 183

Chapter 7 Zero Trust Avengers, Assemble! 185

    Why Is the Team Critical? 185

    Strategy and Deployment: Two Sides of a Coin 187

    Security Ownership 188

    Breaking the Barrier (Infrastructure, Operations, and Security) 189

    DevSecOps and Its Relevance to Zero Trust 190

    Key Stakeholders in a Zero Trust Team 194

    Managing Your Stakeholders 204

    Security Culture: The Last Piece of the Puzzle 206

    The Follow-Up 209

    Endnote 209

Phase 4 Develop the Target Zero Trust Architecture 211

Chapter 8 Building a Zero Trust Architecture 213

    A Typical Enterprise Architecture 214

    A Zero Trust Architecture Overlay 225

    Conceptual Zero Trust Architecture 230

    What Does a Zero Trust Policy Look Like? 240

    Information Flow in the Zero Trust Architecture 243

    Basic Flows in a Zero Trust System 243

    Software-Defined Perimeter 252

    The Deep Dive 260

    Endnote 261

Chapter 9 Critical Security Mechanisms for Zero Trust Architectures 263

    Zero Trust Mechanisms for Subjects (Users and Devices) 263

    Zero Trust Mechanisms for Networks (Workplace) 278

    Zero Trust Mechanisms for Data and Applications 285

    Zero Trust Mechanisms for Visibility with Security Orchestration and Automation 289

    The Deep Dive 303

    Endnote 304

Phase 5 Present the Zero Trust Strategy and Metrics 305

Chapter 10 Presenting the Zero Trust Strategy 307

    Presenting Zero Trust to the Enterprise 308

    The Presentation 316

Phase 6 Implement, Monitor, Feedback, Repeat 325

Chapter 11 Implementation and Continuous Monitoring 327

    Do Not Ignore Your Current Gaps 328

    Frameworks Are Only a Reference 328

    Adopt Agile for Initiatives and SAFe for the Strategy Delivery 328

    Implement the Vision 331

    Monitor and Enhance 336

    The Serendipitous Meeting 337

Chapter 12 The Road Ahead 339

    A Trusted Zero Trust Partner 342

    Aim Higher, Together 343

    Endnote 343

 

9780138237400, TOC, 1/23/2024