In this video we are going to explore the zero trust model:
- A fundamental strategy to mitigating online threats.
- The zero trust model is a must do security control that if you're not using. You should be!
Let's find out if you are.
-
Nathan House is the founder and CEO of StationX. He has over 25 years of experience in cyber security, where he has advised some of the largest companies in the world. Nathan is the author of the popular "The Complete Cyber Security Course", which has been taken by over half a million students in 195 countries. He is the winner of the AI "Cyber Security Educator of the Year 2020" award and finalist for Influencer of the year 2022.
Nice video! Do you have anything on micro segmentation?
Hi Nathan,
I’ve done a few of your courses so far and all I can say is, please keep them coming!
It seems to me that just about every service online (Facebook, Twitter, Email providers, ISPs, etc) are explicitly setup in a way to de-anonymize a user.
It’s practically impossible to setup a Twitter profile, for instance, without there being some attribution back to the user.
Mobile phones are inherently insecure. Companies now embed tracking in firmware… it’s crazy!!
Staying anonymous online is, like you say, basically impossible.
And yet, cyber crime is rampant and the people committing the crimes are very hard to track down.
Are we law biding people who just want to retain some privacy and anonymity online missing a trick?
As a result of your courses I’ve been able to minimise risk in my online activities, but looking at the future, with everything on the horizon (IoT, AI, mass surveillance, robotics, implants) I am afraid of what lies ahead.
Keep up the great work
Mr Robot
So am I. One day ISPs might force their own certificate into our browsers to see into our encrypted traffic!
That’s the day I roll my own browser, based on lynx, running own a linux OS I compiled myself.
Joking aside, this kind of thing will force people to create their own internet that runs either deep inside the current one or airgap separated over radio comms.
It’s ridiculous. Let’s hope some sensible people in government sees the light.
A zero trust model recognises that – never assume everything in your system is protected by firewalls because there are chances of security breaches or other types of cyber attacks.
Radius servers are a magnet for wannabe hackers.
I ended up having to completely offline a testlab server due to this fact because every genius and their dog was trying to brute force the radius server.
Lucky I have no quota because I noticed network degradation and saw 55mbps continuously on the outbound traffic in network performance.
No wonder my other servers were suffering bandwidth issues amongst other things.
Further investigation showed a wall of lsass.exe processes in task manager this belonging to IPv4 addresses all over the world.
This demonstrated rapidly why such systems tend not to be internet-facing without some other form of defence.
If not already done a tutorial on best practices for sysadmins would be fantastic.
Thanks Nathan.
What is going on with log4j vulnerability?
What was said is absolutely correct. I did not think of the advice and cost me much time and fees.