2022-01-05T03:25:00Z
EB
Director of Community at PeerSpot (formerly IT Central Station)
  • 1
  • 52

What are your top Zero Trust Network Access (ZTNA) predictions for 2022?

Hi security professionals,

What top trends do you predict about ZTNA solutions for 2022?

1
PeerSpot user
1 Answer
JB
Reseach Director, Cybersecurity - Industry Analyst at IDC
Real User
Top 10
2022-01-06T21:00:30Z
Jan 6, 2022

Hey like the new name.


My Zero Trust Predictions are largely more of the same.  It's a desired state, but it requires other IAM prerequisites before it should be attempted or proclaimed.  I've described these as a three-legged stool before:


1 Passwordless


2 Least privileged access


3 Network segmentation/proxy


Passwordless is defined many ways and getting easier.  Registration and hide the password is pretty popular, but there are true PKI-based alternatives.  Why do you need it?  So you aren't prompting/challenging people for every single and somewhat sensitive login.  Know thy users (or the clever ones will develop work-arounds).


LPA is a refinement exercise best done given rolling averages of 30-day user activity or any other available insights that tracks resource usage by ID.  Those not using shouldn't have access.


Network segmentation is a final step that's not really identity-centric.  I believe the reverse proxy approach (aka BeyondCorp) makes a lot of sense, but there are other methods.


More often than not, security teams have the budget to do one, maybe two of the above running more than pilot projects in any one year.  Wait a few years for the remaining funding and ZTNA might become the rule rather than the exception.

Learn what your peers think about Azure Active Directory (Azure AD). Get advice and tips from experienced pros sharing their opinions. Updated: March 2023.
688,083 professionals have used our research since 2012.
Search for a product comparison in Information Security and Risk Consulting Services
Related Questions
AC
IT Consultant at Woohoogeeks
Apr 30, 2022
Hi peers, Is the war in Ukraine going to change our perspective of data security in the cloud?  Are we going to start reverting to onsite storage of data? What is your option?
See 1 answer
ZW
User at easybook
Apr 30, 2022
There is no need to change that.
JW
User at Ant Financial
Mar 31, 2022
Hi security professionals, Companies like Fuzzbuzz, Forallsecure are introducing fuzzing platforms to the public. Have you ever used this or an alternative tool in your company?  How has your experience been with that fuzzing tool? Thanks for the help!
See 1 answer
EB
Director of Community at PeerSpot (formerly IT Central Station)
Mar 31, 2022
Hi @NagarajSheshachalam ​, @Nachu Subramanian , @KashifJamil ​, @Cuneyt KALPAKOGLU Phd. ​and @Jangsun KIM ​, Can you please help @JerryWang1 ​in answering this question or advising how to get the answers?
Related Articles
Syed S - PeerSpot reviewer
Program Manager - Information Security at Gulf International Bank
Apr 13, 2022
Have you ever wondered how effective project management can really help you with your Cyber security projects? In recent times, cybersecurity has become an increasingly important issue worldwide. Every year, businesses spend more time and effort protecting their data. Gartner forecasted that global security investments will exceed $172 billion in 2022. Nobody can underestimate the necessity o...
See 1 comment
BV
Sr.Dir/Managing Principal Technology Consulting at a consultancy with 10,001+ employees
Apr 13, 2022
Cybersecurity had been recognized as a Fifth War Domain a while back: Land, Sea, Air, Space, Cyber.  As such, planning for war is important since it provokes managers to THINK.  While the plans that these managers develop are mostly useless since these plans become mostly irrelevant when the Cyber Battle ensues. Preparedness, counterintelligence, logistics, skills, adaptability, and distributed decision-making become more important as compared to PMI principles and best practices ( 'the disciplined agile' should be included and focused on as part of the adaptability;-)).
RC
Enterprise Architect at CDPL
Dec 15, 2021
Privacy Concerns in an RPA Implementation Program. The biggest concern we (as RPA solution implementors) have faced when interacting with clients and customers were: 1. Regulatory and Compliance issues. 2. InfoSec and Security issues. 3. Audit Issues. Regulatory and Compliance Issues: There is a huge penalty if the wrong data gets updated and emails are sent to customers by the regulatory...
AS
Director, Middle East, East India & SAARC at DMX Technologies
Mar 13, 2023
Zero Trust is a set of techniques to secure end-to-end IT network infrastructure. Given the complexity of today’s networks, Zero Trust security principles continue to evolve and adapt to current demands. As indicated by the history of Zero Trust, an evolving IT security landscape was what had eventually led to this concept. And right from the start, the end goal was to ensure a strong and resi...
See 1 comment
Remy Ma - PeerSpot reviewer
Network Security Services at ACE Managed Securty Services
Mar 13, 2023
Zero Trust Security is all the rage these days and for good reason. It’s a powerful security framework that organizations can use to protect themselves against cyber threats. While it sounds complicated, at its core there are five simple principles that makeup Zero Trust Security: 1. Never trust, always verify: With managed email security services,  organizations can employ various layers of authentication and authorization to verify user identities before allowing access. 2. Least privilege: Organizations should only grant users the minimal amount of access necessary for their role in order to reduce the risk of a data breach or other malicious activity. 3. Zero trust boundaries: By using managed email security services, organizations can ensure that data and systems are segmented into secure boundaries to prevent the lateral movement of malicious actors. 4. Continuous monitoring: Organizations should employ managed email security services to continuously monitor and log user activity, allowing administrators to spot suspicious behavior quickly and take appropriate action. 5. Comprehensive security solutions: By employing managed email security services, organizations can ensure comprehensive protection from cyber threats. These five principles are the foundation of Zero Trust Security and managed email security services are necessary for implementing them in a secure and effective way. Take advantage of managed email security services today to ensure that your organization is protected against all types of cyber threats.
TS
CEO at Rufusforyou
Jun 23, 2021
Security and protecting your environment are the biggest challenges now. Is this because we don't have software to protect our environment or is it anything else? In the past, I started with mainframes and no worries about hackers.  Today, we are dealing with a silo approach. Servers are at various locations, ICT staff is working in a silo environment and we are dealing with applications in...
Related Articles
Syed S - PeerSpot reviewer
Program Manager - Information Security at Gulf International Bank
Apr 13, 2022
How important is project management to the execution of cyber security projects?
Have you ever wondered how effective project management can really help you with your Cyber secur...
RC
Enterprise Architect at CDPL
Dec 15, 2021
Privacy issues and regulatory laws to be complied with when implementing an RPA program
Privacy Concerns in an RPA Implementation Program. The biggest concern we (as RPA solution imple...
Download Free Report
Download our free Azure Active Directory (Azure AD) Report and get advice and tips from experienced pros sharing their opinions. Updated: March 2023.
DOWNLOAD NOW
688,083 professionals have used our research since 2012.