Name
F7. The “Zero Trust” Model for Cyber Security
Track
Vendor
Date
Thursday, May 10, 2018
Time
11:15 AM - 12:15 PM
Description
Session Description:

For decades, security controls have been built around protecting a single, massive corporate perimeter. As seen with the latest breaches in the industry, this method has proven unsuccessful at realizing its core intent—to appropriately protect the critical systems, data, and personnel that allow our companies to successfully operate. Once the perimeter is breached, a threat actor can move freely across security layers and systems, leaving sensitive data vulnerable to compromise.

The Zero Trust model lifts that reliance on a single perimeter and moves it to every endpoint, user, application, and data element within your company. The premise is built on strong identities, authentication, trusted endpoints, network segmentation, access controls, and user and system attributes to protect and regulate access to “toxic” or sensitive data, systems, and applications.  Zero Trust is made up of two primary principles, you don’t inherently trust anything on or off your network and that you are applying appropriate security controls based on the sensitivity or toxicity of the data or application you are trying to protect.

In this presentation, James Carder, CISO and VP of LogRhythm Labs, will discuss the Zero Trust model and how you can implement it to enhance your security operations.

 

Learner Objectives
After completing this session, learner will understand:
    •    The need for the Zero Trust model
    •    Origins of the Zero Trust model
    •    What options you have today to implement
    •    How LogRhythm implemented a Zero Trust model, and how you can apply it at yours
Speaker Bio(s)
James Carder brings more than 19 years of experience working in corporate IT security and consulting for the Fortune 500 and U.S. Government. At LogRhythm, he develops and maintains the company’s security governance model and risk strategies, protects the confidentiality, integrity, and availability of information assets, oversees both threat and vulnerability management as well as the Security Operations Center (SOC). He also directs the mission and strategic vision for the LogRhythm Labs machine data intelligence, threat and compliance research teams. Prior to joining LogRhythm, James Carder was the Director of Security Informatics at Mayo Clinic where he had oversight of Threat Intelligence, Incident Response, Security Operations, and the Offensive Security groups. Prior to Mayo, Mr. Carder served as a Senior Manager at MANDIANT, where he led professional services and incident response engagements. He led criminal and national security related investigations at the city, state and federal levels, including those involving the theft of credit card information and Advanced Persistent Threats (APT). James is a sought-after and frequent speaker at cybersecurity events and is a noted author of several cyber security publications. He holds a Bachelor of Science degree in Computer Information Systems from Walden University, an MBA from the University of Minnesota’s Carlson School of Management, and is a Certified Information Systems Security Professional (CISSP.)