Governance & Risk Management , Video , Zero Trust
Network Security, Isolation Still Pose Zero Trust ChallengesZee Group's CISO on Why More Vendors Need to Focus on Network Security
Praveen Kumar, group CISO of Indian media conglomerate Zee Entertainment, says the market has failed to provide enough solutions towards network management and segmentation and therefore when an organisation is attacked, the scale of the attack increases exponentially. While a zero trust approach helps, he says, there are not enough tools available in the market which provides solutions covering the complete length and breadth of a Zero trust architecture.
See Also: On Demand | Simplifying your Security Stack with SSE Integration: Best Practices for Indian Organizations
"Zero trust means that you have to have a perimeterless security overview. This is easier said than done because there is always some part of perimeter which is always there. We need to create a virtual perimeter and ensure clear-cut boundaries between the virtual perimeter and other parts of network," says Kumar.
This can be done in a phased manner. The first phase is to understand the enterprise network. The network detection and response(NDRS) technology can help organizations to monitor as well as provide insights into the East West as well as the North South traffic of the enterprise, he says. "Based on the inputs we got from the NDR, we were able to find out the gaps in our network, based on the traffic and not on the inventory list that was created years back."
In this video interview with Information Security Media Group, Kumar also discusses:
- Why a "shift left" approach for network is so difficult;
- How CISOs can leverage NDR tools;
- His experience on how to isolate networks.
Kumar is a cyber transformation specialist who has led Zee Entertainment Enterprises' cybersecurity transformation and been instrumental in spearheading secure migration from on-premises to a hybrid, multi-cloud environment. He is an advocate of Zero Trust Network Architecture and has more than two decades of experience in technology and cybersecurity and is an Indian Navy veteran.