There is still a need for network segmentation in the zero trust era, but it needs to be software-defined. Otherwise, traditional network segmentation will be overwhelmed by the growing number of access and component interactions today’s applications require. Late…
We recently completed a consulting engagement to create an authorization framework for a large financial services organization. As illustrated, the framework has three dimensions: Runtime authorization patterns, policy models, and governance structures.
The “runtime authorization patterns” describe the components, interfaces,…
Security business case justification is always a complex task for two reasons. First, security earns its keep by reducing risk of losses, not by producing revenues. Second, estimating both the size of losses to security incidents, and the extent…