Eliminating risks from IoT and OT devices with Zero Trust
In its October 2019 Zero Trust eXtended Ecosystem Wave Report, Forrester calls IoT (Internet of Things) and OT (Operational Technology) device security, “one of the hardest problems to solve within the enterprise.” As unmanaged devices become commonplace on networks, security and risk professionals must rethink the concept of identity and expand their Zero Trust initiatives to include such devices.
During last year as well, Forrester named Forescout as a Zero Trust platform, thanks in part to foundational capabilities that align very closely with Forrester’s ZTX framework.
To explain how the Zero Trust framework works within the Forescout platform, we have joining us today on CGE Radio Jonathan Jesse, Sr. Systems Engineer & Customer Evangelist, with Forescout Technologies.
As a part of his role at Forescout, Jonathan leads the Operational Technology Subject Matter Expert group to help others understand, sell, and use the SilentDefense product. Throughout his time at Forescout, Jonathan has helped solve problems for State and Local governments in the States, higher education in both Canada and the United States and also Fortune 500 customers in both the United States and Canada. Prior to being at Forescout, Jonathan spent 11 years as an Endpoint Security Consultant which shapes how he talks about securing the Enterprise of Things.
Hear about what Zero Trust is all about, why companies are interested in this architecture, how Zero Trust work, understanding Forescout’s solution of the Zero Trust framework, enabling your organization to achieve Zero Trust, continuous visibility and assessment of devices, simplify micro-segmentation planning within the context of the Zero Trust framework, and how to return to the workplace in a secure way.
Forescout Research Labs recently announced that it has discovered AMNESIA:33, which is a set of 33 vulnerabilities impacting millions of enterprise IoT, OT, and IT devices worldwide. These vulnerabilities affect four open-source TCP/IP stacks and attackers could leverage them to execute malicious code, perform denial of service attacks and expose sensitive information.
Of these vulnerabilities, four are considered critical and it’s important to begin immediately mitigating the risk posed to your organization. To view the resources available, visit Forescout.com/AMNESIA:33 or:
· Click here for the AMNESIA:33 Explainer Video
· Click here to watch the AMNESIA:33 Webinar
· Click here to download the AMNESIA:33 Technical Report
· Click here to read the Executive Summary
· Click here for the AMNESIA:33 White Paper
· Click here to read “The Unseen Risk Facing the Enterprise of Things” blog
· Click here to read “AMNESIA:33 – Forescout Research Labs” blog
To learn more best practices and tools for Zero Trust with Google BeyondCorp, visit https://research.google/pubs/pub43231/.