As a seasoned CIO/CISO and tech industry analyst with 35 years of experience, I’ve seen my fair share of cybersecurity incidents. However, the recent CrowdStrike outage stands out due to its extensive impact across multiple sectors. Here’s a deep dive into what happened, the repercussions, and the lessons we can all learn from this incident. Background and Initial Reaction I started my journey in IT in the late ’80s when I wrote a piece of software called PleadPerfect. Over the years, I’ve worn many hats—engineer, architect, and executive at both large and small companies. For the last 18 year ..read more

It is common in today’s workforce to find multiple generations working alongside each other. While to some extent this has always been the case, the shape of society itself has changed, with our potential workforce able to offer businesses productive contributions more flexibly and for far longer. Yet, innovative practices for how we organize work and our workforce are seemingly changing more slowly. Multigenerational diversity provides a landscape for varied backgrounds, experiences, and values, which, if creatively embraced, will lead to rich discussions and multifaceted approaches for accom ..read more

Welcome to the final post in our zero trust blog series! Throughout this series, we’ve explored the key components, best practices, and strategies for building a comprehensive zero trust architecture. We’ve covered everything from the fundamentals of zero trust to the critical roles of data security, identity and access management, network segmentation, device security, application security, monitoring and analytics, automation and orchestration, and governance and compliance. In this post, we’ll summarize the key insights and best practices covered throughout the series and provide guidance o ..read more

Welcome to the next installment of our zero trust blog series! In our previous post, we explored the critical role of monitoring and analytics in a zero trust model and shared best practices for building a comprehensive monitoring and analytics strategy. Today, we’re shifting our focus to another key enabler of zero trust: automation and orchestration. In a zero trust model, security must be dynamic, adaptive, and continuous. With no implicit trust granted to any user, device, or application, organizations must be able to quickly and consistently enforce security policies, detect and respond t ..read more

Welcome back to our zero trust blog series! In our previous post, we took a deep dive into API security and explored best practices for securing this critical component of modern application architectures. Today, we’re turning our attention to another essential aspect of zero trust: monitoring and analytics. In a zero trust model, visibility is everything. With no implicit trust granted to any user, device, or application, organizations must continuously monitor and analyze all activity across their environment to detect and respond to potential threats in real-time. In this post, we’ll explor ..read more

In an age where cyber threats are growing exponentially, traditional security measures are no longer sufficient. At RSAC 2024, Cisco’s Jeetu Patel and Tom Gillis made a compelling case for the transformative power of AI in cybersecurity during their keynote presentation, “The Time is Now: Redefining Security in the Age of AI.” Their insights provide a roadmap for how AI can enhance cybersecurity, moving defenses from reactive to proactive. The Critical Role of AI in Cybersecurity Consider the overwhelming flood of data that cybersecurity analysts face daily. Information pours in from numerous ..read more

Welcome to the latest installment of our zero trust blog series! In our previous post, we explored the importance of application security in a zero trust model and shared best practices for securing cloud-native and on-premises applications. Today, we’re diving deeper into a critical aspect of application security: API security. In the modern application landscape, APIs have become the backbone of digital communication and data exchange. From microservices and mobile apps to IoT devices and partner integrations, APIs are everywhere. However, this ubiquity also makes them a prime target for att ..read more

Welcome back to our zero trust blog series! In our previous post, we discussed the importance of device security and explored best practices for securing endpoints and IoT devices. Today, we’re shifting our focus to another critical component of zero trust: application security. In a world where applications are increasingly distributed, diverse, and dynamic, securing them has never been more challenging – or more critical. From cloud-native apps and microservices to legacy on-premises systems, every application represents a potential target for attackers. In this post, we’ll explore the role ..read more

Welcome to the next installment of our zero trust blog series! In our previous post, we explored the importance of network segmentation and microsegmentation in a zero trust model. Today, we’re turning our attention to another critical aspect of zero trust: device security. In a world where the number of connected devices is exploding, securing endpoints has never been more challenging – or more critical. From laptops and smartphones to IoT sensors and smart building systems, every device represents a potential entry point for attackers. In this post, we’ll explore the role of device security ..read more

Welcome back to our zero trust blog series! In our previous posts, we explored the importance of data security and identity and access management in a zero trust model. Today, we’re diving into another critical component of zero trust: network segmentation. In a traditional perimeter-based security model, the network is often treated as a single, monolithic entity. Once a user or device is inside the network, they typically have broad access to resources and applications. However, in a zero trust world, this approach is no longer sufficient. In this post, we’ll explore the role of network segm ..read more