The Bridge to Zero Trust Virtual Event was a resounding success! Our attendees received expert guidance and learned about the essential steps to take as they move towards zero trust security. Top cybersecurity and IT experts joined us to discuss the combination of identity, authentication, network architecture, and endpoint detection and response technologies, all of which will strengthen any organization’s cybersecurity efforts.
We were thrilled to have 973 attendees from 58 countries join us for this event. They learned about the need for continuous authentication, the truth about zero trust and what it means for cybersecurity, and why Zero Trust Authentication is the best foundation for their zero trust architecture. If you missed it, don't worry, you can still watch the event. Here's a recap of each session and links for viewing.
Dr. Chase Cunningham
Dr. Chase Cunningham (also known as Dr. Zero Trust) was our first speaker for the event. He reviewed the current state of zero trust, talked about why enterprises look to modernize identity and access management first, and then he talked about how authentication is at the critical intersection between identity and security.
Chase, like you, acknowledges that zero trust has become a buzzword in the industry. But that doesn’t make it unimportant.
“Zero trust is not a product. It is not a singular technology. It requires strategic alignment; it requires technology optimization; it requires human optimization; and it requires business cases to validate why we need to do this.” -Chase Cunningham
Chase wrapped up his session by talking about the importance of authentication as you build your zero trust framework: Everything in this engine that is the digital ecosystem revolves around access, authentication, authorization.”
Megan Shama, FIDO Alliance
Our next speaker was Megan Shamas of the FIDO (Fast Identity Online) Alliance. Megan shared FIDO’s viewpoints and predictions for how authentication will change in the near future and she talked about what you can do now to get ahead of that change.
As Megan pointed out, “authentication is a fundamental component of any zero trust strategy.”
She lists several reasons why you should get rid of passwords, saying they are:
- Easily phished
- Easily guessed
- Easy to give away
- Reused across services
- The burden of security falls on the user to create and change them
“Historical ways of looking at authentication cannot hold up in a zero trust approach.” -Megan Shama
She summed up one common theme we saw in all of the sessions perfectly, “We need to rethink this idea of strong authentication or multi-factor authentication if we’re ever going to get to zero trust.”
Authentication meets the zero trust ecosystem
The next session was a leadership panel featuring:
- Doug Good, Senior Vice President of Sales Engineering for the America for Palo Alto Networks
- Chris Kachigian, Senior Director of Global Solution Architecture for CrowdStrike
- Aubrey Turner, Executive Advisor of Ping Identity
- David Manks, Vice President of Global Strategic Alliances at BeyondTrust
The panel discussed how to harness the power of endpoint detection and response and next-generation application access in authentication to close vulnerability gaps and accelerate zero trust. One of the values of this session was that each panelist brought a different perspective to the topic of zero trust and authentication. They all agreed, however, that continuous authentication is a key factor in achieving Zero Trust Authentication.
Accelerate zero trust objectives
John Masserini, a Senior Research Analyst with TAG Cyber, brought together a group of industry leaders to discuss how advances in authentication that embrace and incorporate zero trust principles can materially improve the secure posture of organizations of any size. John was joined by:
- Marcos Christodonte II, Global Chief Information Security Officer at CDW
- Kevin Dana, Vice President of Information Technology at World Wide Technology
- Allen Jeter, Director of Business Technology Engineering at Chainalysis
Once again, continuous authentication was of primary importance to the panelists.
The four V’s of zero trust:
- Verify the human or the machine
- Validate zero trust risks on a continuous basis
- Void excess or risky access
- View risk signals on a continuous basis
-Marcos Christodonte II
The panelists also discussed how to communicate the importance of zero trust to board members and company executives. Kevin recommended bringing the opportunity to deploy passwordless authentication into the conversation. As he stated, passwordless authentication creates a better overall user experience and helps mitigate attack vectors.
Harnessing endpoint detection and response
“Having control of users; having the visibility and actually being able to go back and enforce corrections and actions on a per transaction basis becomes extremely important.” -Chris Kachigian
The final leadership panel discussed the massive innovation in endpoint detection and response and secure application access and how to harness the power of those innovations in the authentication process and in closing vulnerability gaps as you build out your zero trust framework.
Kurt Johnson of Beyond Identity was joined by:
- Doug Good, the Senior Vice President, Sales Engineering for the Americas at Palo Alto Networks
- Chris Kachigian, Senior Director of Global Solution Architecture at CrowdStrike
- David Manks, Vice President of Global Strategic Alliances at BeyondTrust
- Aubrey Turner, Executive Advisor at Ping Identity
Continuous authentication was once again discussed as a vital part of the zero trust journey. Chris also discussed the importance of tying identity to both user and device.
Zero Trust Authentication
The final keynote speaker, Beyond Identity Co-Founder and Chief Technology Officer Jasson Casey, reviewed the key requirements of Zero Trust Authentication:
- Phishing-resistant MFA
- Validates user device
- Assesses device security
- Incorporates risk signals from security tools
- Manages continuous risk assessment
- Integrates with existing security infrastructure and tools to acquire data
He also discussed the newest innovations in identity and authentication that power authentication, dramatically improve IT’s control over their environment, and represent a step-change in user experience.
At the end of the session, Beyond Identity Chief Marketing Officer Patrick McBride shared a new book written by renowned industry expert Jon Friedman, Zero Trust Authentication: Securing User and Device Access for a Distributed, Multi-Cloud World. We’re pleased to offer you a free copy of the book, which is packed with actionable insights on how to power zero trust across your organization.
In addition to the keynote sessions and panel discussions, the event offered a series of workshops highlighting the benefits of Beyond Identity’s integrations in deploying Zero Trust Authentication.
Beyond Identity’s Technical Director, Chris Meidinger, reviewed CrowdStrike’s approach toward zero trust and how its core Falcon platform can both inform Beyond Identity’s Zero Trust Policy Engine to provide continuous, real-time user and device verification and take action to secure the environment when endpoints go out of compliance
Aubrey Turner of Ping Identity showcased a secure authentication flow using Ping’s DaVinci identity orchestration platform integrated with Beyond identity to ensure user and device trust.
Palo Alto Networks’ Doug Good highlighted the company’s suite of zero trust security technologies and how its technology cooperation with Beyond Identity can enable zero trust access to applications and data.
David Manks and Adam White from BeyondTrust reviewed how privileged access management combined with Zero Trust Authentication from Beyond Identity can secure identity and access pathways continuously in real time to achieve zero trust identity and access management.
Matthew Lally, Technical Manager at Optiv, showed the assessment steps they use with clients to plot zero trust principles against a maturity and capabilities framework applied to key security domains, from authentication to containment and remediation, which can be used to assess and build your security strategy and action plan for the world of zero trust.
World Wide Technology’s Senior IAM Practice Manager, Jayson Yee, shared about World Wide Technology’s cybersecurity practice and key technology providers and their live reference architecture—their Advanced Technology Center (ATC). He also demonstrated Beyond Identity integrated with Palo Alto, CrowdStrike, and Zscaler, and showed how Zero Trust Authentication will protect their clients now and into the future.
If you missed the Bridge to Zero Trust Virtual Event, don't worry! You can still watch the event and learn about the essential steps you need to take as you move towards zero trust security. Don't miss out on expert guidance from top cybersecurity and IT experts. Check out the recap of each session and follow the links to view the event. Strengthen your cybersecurity efforts today!