The 0.1.2: July Edition

Posted: Tuesday July 11, 2023
Author: Jason Garbis

Popcorn, an Unreliable Power Adapter, Widgets, and a Zero Trust Readiness Survey

It may be the middle of summer (at least here in the Northern Hemisphere), but things haven’t slowed down in our Zero Trust orbit. The team at Numberline Security has been busy, and we’re pleased to have some great new content to share with you.


So grab some popcorn, and dive into this month’s newsletter.
(For your popcorn, we recommend Brady Street Cheese Sprinkle, from our friends at Penzeys Spices.)

To receive future editions of this this newsletter via email, subscribe here.

News

  • Zero Trust Readiness Survey

We often hear that enterprises are looking for an objective evaluation of their readiness for a Zero Trust journey, and we’ve delivered: We’re pleased to announce the Zero Trust Readiness Survey, a free 10-minute self-assessment that creates a customized and actionable report tailored to your enterprise. No homework or prep work is required, and the report will provide you with guidance along each of the five Zero Trust Maturity Model pillars.

  • The State of Zero Trust

Speaking of surveys, we’ve also released our mid-year State of Zero Trust enterprise survey results. This survey of approximately 100 enterprises captures their current state, priorities, and needs. The upshot: our theory about the current early state of Zero Trust was reaffirmed, although we did discover one surprising result related to budgets. 

  • Widgets (did someone mention widgets?)

Our favorite fictional enterprise, Bob’s House of Widgets, is continuing with their Zero Trust journey for their new line of cloud-connected smart widgets. Bob and team are smartly prioritizing security for this new platform, and naturally taking a Zero Trust approach. In our latest episode, we talk about Data security. 

The View from Point Zero:

By Jason Garbis, Founder of Numberline Security

Assisted by Scully, the world’s only dog with AWS, Azure, and GCP accounts.

Earlier this year, my family and I were getting ready to depart for a weeklong vacation, and I needed to bring my work computer, which is an “older” device. I’d committed to participate in some important virtual meetings, finish some writing and client work, and give an in-person presentation while on vacation. I’d noticed in the months before the trip that the power adapter’s cable had started to fray, but (foolishly, as it turned out) I ignored it. I was busy, right? And the adapter worked fine with some occasional manipulation, so why did I need to put in the effort and expense to replace it? 


You know where this is going. 


Inevitably, the adapter cable failed…24 hours before our flight departed. All of a sudden, this became an urgent imperative for me. I had to scramble to find a local store that had the right adapter in stock, and drive 35 minutes (each way) to pick it up that afternoon. At the expense of rescheduling meetings and deferring other work.

In the grand scheme of things, this ended up being a minor inconvenience. But the timing for the adapter failure could have been much worse–I could have been in a foreign country with no ready access to a replacement adapter, and faced with a potentially very expensive fallback plan of being forced to purchase a new computer. 

Adopting Zero Trust is similar to this. Our traditional security architectures are like that frayed cable–sure, they mostly work, as long as we continue to manipulate them. But we know that they’re going to fail. And, if we’re unlucky, are faced with an immediate, unplanned, and expensive remediation.
Zero Trust is a demonstrably better way to approach security, and gives us a much more capable, reliable, automated, and effective way of defining and enforcing security policies.

As security leaders, you have a responsibility to prioritize the adoption of Zero Trust, and to treat it with the appropriate urgency. I get it–you and your teams are busy with day-to-day tasks. But remember that frayed power cable. Don’t wait for your current infrastructure to fail you in a disruptive and expensive manner. Be proactive, and get started on its replacement today. It will pay dividends down the road.

Upcoming

  • The Demo Forum: Zero Trust and Cloud Security Meetup
    I’ll be on the panel, Zero Trust is Coming to a Roadmap Near You on Wednesday July 12, at 4pm. 
  • CSA Webcast panel on Aug 17: Understanding the Two Zero Trust Maturity Models: CISA & Forrester
    I’m moderating an all-star panel featuring John Kindervag, Chase Cunningham, and Sean Connelly and John Simms from CISA. Registration link here.

We hope you enjoyed this. To receive future editions of this newsletter via email, subscribe here.