Zero trust advice: Start small, but get started

Share post:

Moving to a zero trust environment is so important that CEOs may have to appoint a manager to complete their projects, says a senior IT executive.

“To get zero trust across the finish line, some companies may appoint a zero trust officer,” John Engates, Cloudflare’s field CTO told an IT World Canada MapleSec Satellite webinar on Tuesday.

“Showing leadership, demonstrating how important it is to the organization, putting someone in charge of getting to a zero trust stance is really critical. No matter how you demonstrate that to your stakeholders, it’s really critical someone stand up and say, ‘We’ve got do better at this, we have to do it comprehensively across the entire organization. And we have to do it soon because the threats aren’t getting easier to deal with.'”

Zero trust — a security strategy that assumes no one on the IT network should be trusted — is a philosophy, Engates emphasized, not a product. This is why it can take a while to implement, depending on an organization’s cybersecurity maturity.

Related content: What is Zero Trust Network Access?

Implementing that strategy can begin with ensuring cybersecurity basics are covered — starting with ensuring the organization’s DNS server filters known malware, and moving to identity management, access control, phishing-proof multifactor authentication and more.

Cloudflare has created a zero-trust roadmap with 28 steps in four phases. Not every organization needs to implement that much detail. But the point is, for some large firms, nailing down a zero-trust approach can take a while.

Related content: Four steps to zero trust 

But, Engates said, it can be done in bite-sized chunks. “You can take what you need from a zero-trust architecture. Maybe you’re trying to secure your remote users or contractors. Start there (then) start with the applications that need the most security and work your way out.”

It doesn’t cost a lot for a small organization, he said, while larger ones can start small and expand over time.

Whatever way your firm decides, he said, “get started and get moving.”

The post Zero trust advice: Start small, but get started first appeared on IT World Canada.
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Featured Tech Jobs



Related articles

Gartner debunks myths undermining cybersecurity success

Henrique Teixeira, Senior Director Analyst at Gartner, and Leigh McMullen, Distinguished VP Analyst at Gartner, highlighted and disproved...

Toyota discloses customer data breach

Toyota has disclosed that customer information from Japan and other countries in Asia and Oceania was publicly available...

Critical Vulnerability found in MOVEit

Progress Software has warned about a critical vulnerability in its popular file-transfer software, MOVEit, which could allow malicious...

Canadian Defence Minister concerned over increasing cyberattacks

Canadian Defence Minister Anita Anand has issued a warning that the country's key infrastructure is more vulnerable to...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways