Skip to main content
Exploring what’s next in tech – Insights, information, and ideas for today’s IT and business leaders

Zero trust informs all enterprise security

As hackers continue to circumvent the best security efforts of organizations large and small, a zero trust approach to identity and access management may be the best defense.

Every day, hackers from well-organized and well-funded entities including criminal groups and nation-states are working hard to breach your network for financial and other gains. And as cybersecurity experts have warned repeatedly, it is no longer a question of if you'll be a target but when.

Today, organizations are fending off everything from ransomware and zero-day exploits to supply chain breaches and a slew of other sophisticated attacks. How worried should you be? Very. As Aruba CTO Simon Wilson puts it, "If you've built a 10-meter wall, they're going to build a 12-meter ladder. It's an arms race—there's no question about it."

That's why many organizations are now bolstering their security arsenal with a different approach to protecting their data: zero trust. Under a zero trust model, all activity on the corporate network is viewed as untrustworthy until proven otherwise.

But along with zero trust, experts emphasize the need for other measures, including network microsegmentation to avoid lateral movement by attackers, initiatives to better train users and provide them with the right techniques and tools, and of course, a focus on good cyber hygiene and security basics.

To learn more about these best practices and why zero trust is fast becoming the default model for securing networks, check out some of our top stories.

How do we trust the untrustable?

"Cybersecurity attacks have reached epidemic proportions," says Dr. Eng Lim Goh, senior vice president and chief technology officer for artificial intelligence at Hewlett Packard Enterprise. From taking down financial networks and other critical infrastructure to forcing hospitals offline and endangering lives, cybercriminals are targeting organizations large and small across industries—and the risks are growing.

What makes 'critical software' critical?

An Executive Order from the Biden administration has endorsed the philosophy of zero trust for IT security. It orders the government to identify "critical software" and take special measures to protect it.

Constant scrutiny is the key to making zero trust happen

The U.S. government's order to "advance toward zero trust architecture" is a compelling start, but how do you make zero trust a real thing? Without full trust in hardware and system software, the model isn't possible. New approaches are needed.

Zero trust: Because no one is safe from attacks

What do the Danish government, EasyJet, and Experion South Africa have in common? Combined, they exposed the data of tens of millions of citizens and customers over the past year. As hackers up their game, the zero trust model is increasingly seen as the best way to keep networks protected. This episode of Technology Untangled explains how it works.

Making better security practical: 5 steps to microsegmentation

When attackers access your network—and they will—they establish a toehold and move laterally to more valuable systems. The best way to limit the number of lateral movements attackers can perform is microsegmentation. With aggressive segmentation of the network, IT gains the control it needs to enable a zero trust architecture.

Get the security basics right—it could prevent catastrophe

Wide-reaching hacks such as SolarWinds and others may have security teams thinking that they should focus on preventing supply chain breaches, zero-day vulnerabilities, and other sophisticated attacks. But companies that have good cyber hygiene and consistently stress security basics prevent more attacks and find intrusions faster.

The key to zero trust security? Changing human behavior

People are usually the weakest link in the cybersecurity chain, falling prey to phishing schemes that give malicious actors an entryway into the corporate network. When users don't know how to be appropriately circumspect in computing situations, the organization leaves itself open to attack. But with the right training, tools, and techniques, users can protect themselves and the organization.

How enterprises are securing themselves with zero trust

You've heard it before, but it bears repeating: COVID-19 changed everything, and the quick shift from the office to working from home introduced new types of security threats. A zero trust model, along with user education and adjustment to a hybrid IT world, is key as traditional notions of enterprise security disappear.

7 best practices for closing the IT security gap

The list of security best practices can be long, and implementing them can be difficult. That means companies have to prioritize the most important ones. As these seven best practices highlight, high-performing teams implement innovative security techniques like zero trust and technologies like machine learning.

Zero trust makes business secure by default

In their rush to digitally transform, enterprises are increasingly turning to hybrid IT models. But they often find that conventional identity and access management doesn't keep up. While there's no easy answer, many are implementing zero trust, an approach to identity and access management that establishes that no user or software action is trusted by default.

This article/content was written by the individual writer identified and does not necessarily reflect the view of Hewlett Packard Enterprise Company.