World Wide Technology’s Matt Berry, Senior Director (Global Field Cyber CTO) and Jayson Yee, Senior IAM Practice Manager will review World Wide Technology’s cybersecurity practice and key technology providers, the realization of that practice in their live reference architecture they call their Advanced Technology Center (ATC), demonstrate Beyond Identity integrated with Palo Alto, Crowdstrike and Zscaler, and show how Zero Trust Authentication will protect their clients now and into the future. 

Transcription

Matt

Hey everyone, my name is Matt Berry. I'm the Global Field CTO of cybersecurity here at WWT. And today I'm here to talk to you about zero trust and zero trust authentication. 

As I think about the last 20 years of my career inside of cybersecurity, if I could sum it up in one word, it would be the word innovation. Technology is innovating at a breakneck speed. It's really amazing as I think about my own life, I grew up in a analog world in the '80s. 

I remember when my dad, he would be working, he would carry a pager on his belt, and if we needed to get ahold of him, we would call a number. We'd enter, you know, a special code that we had agreed upon together, and he would receive it and then literally pull over to the side of the road and go to what was called a payphone. 

Some of you who are on this video may not even know what that is, but he'd go to a payphone, put a quarter in, manually call our number right at home, and we would talk. And now as I think about my children that are growing up in this world today, I think for them it would be really difficult to envision a world without the internet and without smartphones and, you know, it'd almost be like, to me, thinking about growing up in my childhood without electricity. 

So, the speed of innovation is really phenomenal. It's great for us in the technology space, but it also creates a significant number of challenges, because that innovation is moving at a massive speed of acceleration. It's getting faster and faster and faster. 

And not only are we the recipients of that new technology and that new innovation, but our adversaries are also innovating. And one of the key areas that really is a tremendous amount of opportunity, but also a little bit terrifying, is a whole world of AI and open AI. 

I'm sure those of you in the security space, you've been playing around with ChatGPT. Just imagine when adversaries launch artificial intelligence weaponized malware. It's crazy to think about. So at World Wide Technologies, we talk to our customers about the speed of innovation. 

We talk a lot about this concept of idea to outcome. And when we're dealing with that tremendous speed of innovation, and you have all these different ideas of what you want to do, how you are going to implement new technology, you can end up a little bit with what I like to call, like, technology ADHD, where we run around looking for new features and new solutions, and we can easily get distracted from what our actual goal is or what the actual outcome is that we're looking to drive. 

And at World Wide Technology, we try to think in terms not only of outcome, but of business outcomes. Because whether you are a deep technologist or you are in management or leadership, ultimately we have to frame the solutions that we're bringing to bear in terms of business, business sense, in order to gain the support of the entire organization. 

And we have to go a step further from that and it's not only outcomes, not only business outcomes, but we want, we want secure business outcomes. So from a business standpoint, ultimately what we're looking to do, and what you should be looking to do is drive an overall reduction in risk. 

Do the business outcomes that we are driving towards, based on the technology that we're bringing to bear, do those outcomes help us reduce risk? First and foremost, that's what we're looking to do. The second, which I'll take if I can get it, is a reduction in cost. 

We're dealing with a financial downturn, and with this speed of innovation, we're talking about more technologies which require more investment. So if there's any way that we can frame the secure business outcomes in terms of a cost reduction, that gains you favor with the business, and that's where we can actually see these outcomes come to fruition. 

And thirdly, what we want to see is a reduction in complexity, whether that's through portfolio consolidation, whether it's through simplification of security policies and our authentication strategies that we implement around zero trust, we want to accomplish these things. 

So as World Wide, when we're working with our customers, we are thinking inside of these terms. Now, our customers are dealing with a pretty complex landscape. We're dealing with endpoint devices, we're dealing with storage devices and the cyber resiliency space, you're dealing with cloud, and not only one public cloud but multiple public clouds. 

We're dealing with private cloud. We live in a hybrid cloud world. There's a tremendous amount of complexity in the enterprise space. And unfortunately for those of us in this space, security has sort of come from a history of fear mongering where, you know, a lot of marketing around don't be the next person to get breached, and what we try to say at World Wide and really emphasize is, "Listen, we are on a journey together. Let's go after security together," right?

So, and in each of these spaces, so as we're working with our customers as we're approaching some of the most difficult, complex problems in the world, whether it's with a small healthcare company or one of the largest of the world's global financial banks, we're thinking in these terms and how can we together sort of reject that approach of fear mongering and really be focused on, you know, collaboratively sharing information and driving towards secure business outcomes. 

So, this is what we're dealing with. Now, if I were to change markers here, I'm just going to write this out for dramatic effect. Security touches everything. In each of these different domains, we need a security solution to be able to solve and really drive towards those business challenges. 

Now, in terms of security, there is an element of security that really becomes a foundation for what I believe it's going to become the foundation for everything that we do in the next decade, and that's identity. Identity. 

One of my former colleagues and mentors, he used to tell me, he used to say, "Matt, there's only three things that I care about. What is on my network, what is it doing and should it? What is on my network, what is it doing, and should it?" 

Now, he was speaking in terms of sort of the endpoint security domain, but if I can, I'd like to take that framework and put a zero trust identity and authentication spin on it, right? So, there's really three things that we need to think of in this concept, in this construct is, we need to understand who is on our network, we need to understand what device it is that the who is using to get onto the network, and then the third question is, we need to ask, like, can we trust the combination of these two things? 

Does that make sense? Because what has happened in terms of authentication in the past, this is sort of the historical formula, is as long as my user is authenticating onto a storage array, onto a website, onto a critical business application, as long as that authentication goes through, right? 

And it's matched to my profile in a active directory store or some sort of identity store, as long as I have that and I have some sort of device that has access to that resource on the network, then we sort of have this implicit trust that we extend to this problem set, right? 

Identity plus device equals trust. And we have seen over the years how our adversaries have leveraged this against us time and time and time again. So what we are helping our customers to understand and the journey that we're leading our customers on, again, driving towards that secure business outcome of security altogether, is we remove this implicit trust. 

And what is the removal of implicit trust? You end up with zero trust, which basically means we are no longer going to trust this combination on its own. 

And particularly when we're talking about authentication into critical business apps, talking about services, talking about your data, all of those things. So we're going to have a zero trust approach to access. Conditional access. 

So, as we are talking to our customers along this journey and we've led customers on this journey for a number of years, if I had to reflect and say what maybe three things that you should be thinking about, so the first one is basically the removal of end user stewardship. What do I mean by that? 

I've heard it said once that, end users, myself included, we're pretty poor stewards of our own security. And in the past, in this past construct, what have we been responsible for stewarding? It's been our password, right? So, you all know the stories that... 

You all know that one person that you've worked with sometime in your career who wrote their password on a post-it note and put it underneath their keyboard. But, what we see today is really, it's gone much beyond that. Just a couple weeks ago I received an email, it was a phishing email, and boy, it looked like an email from Amazon saying one of my packages was delayed and it was going to be sent back, and man, I almost fell for it. 

I almost clicked on the link, right, and fell subject to a phishing attack. So, for that very reason, it doesn't matter how well you educate your end users, how smart they are, whether they have a career in cybersecurity or not, they're going to be the weakest link. So, we remove the stewardship for the end user by leveraging passwordless technologies in the authentication space, which is why we partner with Beyond Identity to help our customers in that regard. 

The second area that we want to focus on is device assurance, and by that I mean we need to ensure, assure that the devices that are being used to access these critical resources on our network is in compliance with security policies. 

All of you who are technologists, you know there's a very large delta between established policy and compliance with those policies, and really device assurance attempts to reduce that delta, reduce that gap. And we do that through what I would call continuous monitoring. In this world or in this construct, we're constantly looking at the device to see, "Is it in compliance with policy? Does it have the right agents installed? Are the signatures in the configurations of those policies accurate and up to date?" 

And we don't just check it once when the user logs in through authentication, we continually reauthenticate that device. We continually re-certify that device to make sure that it is in compliance. And then the third area, and I think this is a critical area that often gets overlooked, and that is the integration of telemetry. 

Remember what I was saying back here about the enterprise, and we're dealing with a massive level of complexity. We're dealing with at least five different data sets from an endpoint perspective. You think about cloud, you're dealing with multiple different types of data sets and telemetry points, and we need to be able to get one holistic picture of what's going on across our enterprise at any given moment. 

That is a critical component of a zero trust model. So what we do in that integration of telemetry, we at World Wide leverage our advanced technology center to help our customers envision a world where multiple different disparate data sets can all be sent into the same funnel and be outputted into one consolidated data set or field of view against which we can run data analytics. 

We can bring our data scientists in and we can begin to build models around the full visibility of what's occurring in an environment, and empower our customers to be able to take that useful information so they're no longer looking for a needle in a haystack, but they have a very relevant usable set of data that they can use to inform this entire authentication process and beyond. 

So, that's a little bit about zero trust. It's a little bit about authentication and how we are responding to innovation in the world today. My name is Matt Berry, the Global Field CTO of Cybersecurity, and this was a lightboard session. 

Jayson

Hello, I'm Jayson Yee. I'm the IAM Director with WWT and I'm here with one more thing... Right now, in about 10 minutes or less, you could be experiencing everything you just heard from Beyond Identity and the partners. You can get your hands on your own identity instance featuring the WWT Advanced Technology Center. What the Advanced Technology Center is, it's actually a collection of hundreds of racks of equipment that are spread across a half dozen or so environments, that are there really to help you incorporate your technology in a robust sandbox. 

Basically what we're trying to do is get the sandboxes dedicated and built out to resemble the production environment as closely as possible. So, this is made available by WWT and it's something where we take a lot of pride in offering this for our client base and for our vendors. 

So, to get access, go to your favorite browser and put in WWT ATC in the search engine, and that will take you to the Advanced Technology Center. Here you can read up, maybe watch a quick video on what the ATC is. From here, type in Beyond Identity into the search bar up top and look for the Foundations Lab. Click on that Lab, and then it should take you to this page, second option is the Lab. 

Once you click there, the Lab will be shown in detail here and you'll be able to go through and get an idea for what's available and what the Foundations Lab looks like. This is the high-level overview of the environment, and again, this is just to give you an idea for what the Beyond Identity Lab looks like. 

This is the actual Lab you'll be targeting. From here, go back to, you'll be brought back to this page once you review the Lab diagram and the overview, and we'll go to the Explorer Lab tab up here. And once you're in that tab, click that button, it'll bring you to the registration page where you put your email address in, and it'll check your email. 

You'll get a code. The code will be populated as such, punch that in. Put your first and last name or however you'd like to be known, and then Create Account. You'll be brought back to this page where you click on Explorer Lab, and once we hit that button, we're actually being brought to the ATC Lab where we'll find our own jump box, and this is our own very... This is our own dedicated instance for the Beyond Identity Lab. 

On the left-hand side, you're going to see the solution overview and general environment and what we're trying to solve for and just really what Beyond Identity represents inside your instance. When you get to the desktop, you might be asked to update the Beyond Identity instance. 

So, if you can't do that, continue reading on the left-hand column, and that'll take you through our first use case for Beyond Identity. You're going to have three different use cases here. The first one's going to cover the authentication and registering your credentials, the second one is taking you to Okta, which is our IDP, and then the third one is your device posture basically making sure that the firewall's enabled on Beyond Identity. 

The second set of use cases, again, they're going to be three of them. One is setting up the CrowdStrike Falcon Sensor, and then checking the CrowdStrike ZTA which is Zero Trust Assessment Score to make sure that you meet the minimum criteria with that device. And then the third use case is going through and setting up the CrowdStrike Quarantine if a device doesn't meet that minimum ZTA score. 

So, once you, this is really to get you familiarized not just with Beyond Identity, but how it integrates with CrowdStrike for this example. This is available immediately to all WWT clients. If you go to register and you are not recognized as a client, you may have some follow up with the registration process. 

Feel free to contact your WWT POC, your point of contact, and we'll make sure that we get you access to the ATC. So, we're looking forward to have you there and get in and enjoy the ATC and your Beyond Identity Lab.