The desire to take advantage of the modern cloud-native paradigm has forced many enterprises to rush to production with Kubernetes and containerized applications. Often, the incorrect expectation with cloud-native adoption is that Ops teams would be able to easily transition their existing security and operational practices, workflows and tooling to these new software development platforms and everything would still work as before.

Over the past 28 months, two significant events happened which will change the way we build our IT networks. First, obviously, the pandemic. March 2020 caused the workers of the world to move their office cubes to their basements, bedrooms or even the family kitchen table. Remote work became essential for the economy to function. To facilitate access, we saw mass adoption of Zero Trust Network Access (ZTNA) technologies which do not require heritage based solutions like IPSec VPNs.

Welcome to the ZTNA Collection, a curated list of the top favorite Zero Trust Network Access assets. Enjoy the array of glossary pages, blogs, videos, and whitepapers all specific to ZTNA thought leadership. What is Zero Trust Network Access (ZTNA)? Zero Trust Network Access (ZTNA) Created in April of 2019 by Gartner, the term Zero Trust Network Access (ZTNA) represents a set of new technologies designed for secure access to private applications.

The Center for Internet Security’s Critical Security Controls has become an industry standard set of controls for securing the enterprise. Now on version 8, the original 20 controls are down to 18 with several sub controls added. The first six basic controls can prevent 85 percent of the most common cyber attacks, and even though the controls have been developed with traditional data centers and process in mind, there is no reason they can’t be adapted to DevOps practices.

In the two years proceeding from the beginning of the COVID-19 pandemic, the business world has been transformed on a grand scale. Organizations have created more data than ever before, data is now spread across a wider attack surface, putting it at a heightened risk of becoming a compromised risk. The manner and location of data storage and correspondence has had to shift to meet the needs of remote and hybrid workers, with companies being forced to take a more rigorous approach to data security.

Our research has revealed that 80% of security professionals have experienced increased security threats since shifting to remote work. To stay protected against attacks and reduce the chances of losing significant amounts of money, putting their users at risk, or destroying their reputation, organizations must do more to innovate against email risks. In our most recent report, Cybersecurity experts' views on email risk within Microsoft 365, we identify many of the risks Microsoft 365 users face.

Kubernetes is the de-facto container management platform of today and the future. It has increased the scalability and flexibility of applications and eliminated vendor lock-in. Kubernetes also brings a lot of security native features; however, with security, the devil is always in the details. By default, the security of cloud services, applications, and infrastructure is not in the scope of Kubernetes. This does not mean that running Kubernetes is destructive and makes your applications vulnerable.

When most people speak of any city government, they often mention words like “Bureaucratic”,“Behind the times”, and “Slow.” This is especially true when considering cybersecurity initiatives. However, a small town in Texas is changing that view. Seguin, Texas, which was once the smallest Texas city to have a full-time cybersecurity employee, was the only government entity to be named in the CSO50 2022 Awards.

Building a HIPAA-compliant security program is a very time intensive and demanding undertaking. It can also be confusing, as satisfying requirements like the HIPAA Security Rule require extensive interpretation and documentation on the part of security professionals. However, by arming yourself with knowledge before beginning the process, you can cut down on unnecessary difficulties.

While cybersecurity is deeply rooted in the tech and digital space, you might be surprised to find that many cybersecurity jobs don’t require coding or programming skills. Cybersecurity professionals can find careers with both technical and non-technical backgrounds. To succeed in the field of cybersecurity, it’s far more important to be analytical, solutions-driven, and well-versed with technology.