ConvoCourses

Cyber Security Compliance and IT Jobs

Episodes

Aug 17, 2024

1hr 53 min

Check out Will Reed at Better Every Day Cyber:
https://bettereverydaycyber.com/

Aug 13, 2024

2hr 7 min

http://convocourses.net
My focus on this one was purely answering tiktok, youtube questions live. 
Join us next time at 1pm MST SAT

Jul 29, 2024

1hr 49 min

http://convocourses.net

Jul 28, 2024

17 min

http://convocourses.net

Jul 15, 2024

1hr 49 min

http://convocourses.net

Jul 10, 2024

1hr 56 min

http://convocourses.net

Jul 7, 2024

51 min

http://convocourses.net

Jun 29, 2024

1hr 34 min

video:
https://youtube.com/live/_Qz7VAIaQDI
 
http://convocourses.net

Jun 27, 2024

1hr 12 min

https://youtube.com/live/l_jx9KjeJkI
http://convocourses.net
 
The Zero Trust security model is a cybersecurity framework that operates on the principle of "never trust, always verify." Unlike traditional security models that rely on a strong perimeter defense, Zero Trust assumes that threats can come from both outside and inside the network. Therefore, no user or system should be trusted by default, regardless of whether they are inside or outside the network perimeter.
Here are the key principles and components of the Zero Trust security model:
Verify Explicitly: Authenticate and authorize based on all available data points, including user identity, location, device health, service or workload, data classification, and anomalies.
Least Privilege Access: Limit user access with just-in-time and just-enough-access (JIT/JEA), risk-based adaptive policies, and data protection to reduce the risk of lateral movement.
Assume Breach: Assume that a breach has already occurred or will occur. Minimize the blast radius and segment access by using micro-segmentation and real-time threat detection and response.
Micro-Segmentation: Divide the network into smaller, more manageable segments to prevent lateral movement of threats within the network.
Continuous Monitoring and Validation: Implement continuous monitoring and validation of user and device activity to detect and respond to anomalies in real-time.
Strong Authentication: Use multi-factor authentication (MFA) and other advanced authentication mechanisms to ensure that only legitimate users can access resources.
Device Security: Ensure that devices accessing the network are secure, trusted, and compliant with security policies.
Data Protection: Encrypt data at rest and in transit, and implement data loss prevention (DLP) measures to protect sensitive information.
 
Implementing a Zero Trust security model requires a shift in thinking and architecture, involving the integration of various security technologies and practices to create a robust and adaptive security posture.

Jun 25, 2024

1hr 47 min

http://convocoures.net

Copyright 2022 All rights reserved.

Podcast Powered By Podbean

Version: 20241125