July 1, 2019
Zero Trust

Protect, Detect, Deter, Respond is Not a Security Strategy

Corey Williams – Idaptive
Corey Williams Vice President, Marketing

Protect enterprises from data breaches by evolving from a traditional perimeter defense to a Zero Trust approach.

Zero Trust

The last few weeks haven’t been kind to cybersecurity. From the healthcare organizations tasked with handling our most sensitive patient records to startups that are supposed to be the vanguard of tech and immune to this sort of thing — no organization is genuinely safe. And no matter the strength of the defensive postures that might be put in place, it seems that malicious actors are still able to circumvent them and break through. 

That’s because most organizations today have the wrong approach when it comes to cybersecurity. 

The majority of executives today believe that bolstering protection against security vulnerabilities should be their number one priority — when, in fact, 80 percent of breaches today are the result of default or stolen passwords according to the Verizon Data Breach Investigations Report

It’s not their fault; fancy zero-day attacks and stolen NSA tools steal the headlines and make cybersecurity seem like complicated stuff. What is clear is what’s not working. A strong perimeter “barrier” is no longer effective. It’s just not possible to separate the “good guys” from the “bad guys” (and they are likely inside the gates already). Passwords alone can’t stand up to the breadth and sophistication of today’s relentless attacks. 

Technology by itself won’t eliminate the risk or guarantee that information stays safe without first implementing the right strategy and practices. 

A prominent industry analyst summed things up nicely at a sold-out cybersecurity summit I recently attended: 

“People will say, ‘We’re doing things. We’re working on it,’” he said. “Well, guess what Target’s strategy was before the breach? Protect, detect, deter, respond. Guess what OMB’s strategy was before the breach? Protect, detect, deter, respond. That’s not a strategy. Those are things that you do. Those are pieces of it.”

He’s right. “Protect, detect, deter, respond” is not a security strategy. It’s a reaction to the forces at play in the cybersecurity world today. 

That’s why Idaptive has been built around a proven approach that does actually reduce data breaches: Zero Trust. 

Zero Trust is a foundational approach to cybersecurity that ensures every person and device granted access are who and what they say they are. It’s the single most important step a company can take to help themselves make sense of the increasing complexity tied to cybersecurity and identity & access today. The philosophy that defines Zero Trust is “never trust, always verify,” which ensures that every user is verified, every device is validated, and access is intelligently limited — every time. Studies have shown that companies adopting this approach experience 50 percent fewer breaches, while also reducing the overall cost of access technology by an average of 40 percent. 

“If you stand up and say, ‘Our security strategy is to work towards a Zero Trust infrastructure.’ There it is,” this prominent industry analyst concluded. “One sentence. Everyone can get behind that.” 

So, stay tuned in the coming weeks as I dig into the steps your organization can take to adopt a Zero Trust base, including how to make existing and new technology work and how to get your teams to buy-in to Zero Trust. If you’re serious about taking your cybersecurity to the next level and keeping sensitive information safe, you won’t want to miss them. 

Corey Williams

Corey Williams – Idaptive
Corey
Williams
Vice President, Marketing

Corey Williams is the Vice President of Marketing & Strategy and lead evangelist for Idaptive, leading all marketing functions, as well as market development and strategy. Corey served as the Senior Director of Products and Marketing for more than a decade at Centrify where he was the visionary behind, and the first product manager of, the set of products that were ultimately spun out of Centrify to become Idaptive, including leading SaaS services for Single Sign-on (SSO)Adaptive Multi-factor Authentication (MFA)endpoint and mobile context, and User Behavior and Risk Analytics (UBA).

 While at Centrify, Corey defined and brought to market seven net-new product offerings directly contributing to the growth of the existing customer base from less than 400 customers to over 5000 customers. He also led efforts with major industry analysts that directly resulted in Centrify being named as a leader in all of the major analyst reports including the Gartner Magic Quadrant and Critical Capabilities reports for Access Management, Worldwide; Forrester IDaaS Wave; KuppingerCole Cloud MFA Leadership Compass; and Network World Clear Choice Winner for Single Sign-on Solutions.

Corey is a frequent speaker and commentator on IT Security and IT Management. He has authored several publications, including “Zero Trust Security for Dummies”, a leading guide for enterprise managers.

Prior to Centrify, Corey led products and marketing for SpikeSource (acquired by Black Duck Software), Syndera (acquired by Tibco), and Journee Software (acquired by Initiate Systems). Earlier in his career, he managed pre- and post-sales consulting for Active Software (acquired by webMethods). 

Corey holds degrees in Mathematics (BS) and Computer Science (BS) from New Mexico State University, as well as an MS in Engineering and an MBA from San Jose State University. 

CHAMELEON-LIKE SUPERPOWER

If Corey could have any chameleon-like superpower, it would be the chameleon's tongue, which is ridiculously fast. Some of the world's smallest chameleons have the world's fastest tongues. In automotive terms, the tongue could go from 0 to 60 miles per hour in a hundredth of a second! “I would be able to complete webinars in 4.5 seconds instead of 45 minutes!”