As you may have noticed from reading this newsletter, we’ve been focusing much of our BeyondCorp community efforts towards showcasing the practitioners who have worked on, are working on, or are planning to work on implementing a Zero Trust security architecture in some form or fashion at their organization. We’ve seen a wide range of perspectives in this regard, which we will continue to highlight as we did at the BeyondCorp Community Lounge during RSA.
As an outcome of the Q&A sessions at our RSA event, one of the participants, Kuba Sendor, Engineering Manager at Yelp, posted the video on LinkedIn with a call out that he is hiring to help make Yelp more secure! In that spirit, I did some digging on LinkedIn for open positions that are seeking out skill sets and understanding of BeyondCorp and Zero Trust. I was pleased to find a lot of great non-vendor examples, which are listed below.
What’s consistent amongst these is the focus on Zero Trust as a cloud-native security architecture. Keyword: architecture. This isn’t just about learning a new product or specification, it’s about approaching infrastructure and security from a fresh perspective that goes beyond the usual compliance-oriented bullet points (no pun intended).
We’re not the only ones looking to elevate practitioners – our good friends over at Square who run a fantastic monthly community event called Square r00t have also put out a call for participation. If anyone in the bay area is interested in sharing their story, and would like an introduction, reply to this email and I’ll make it happen.
I’ll make a point to showcase any new job postings related to BeyondCorp and Zero Trust. In the meantime, here are a few other things that caught my eye this past week.
How Businesses Need to Adapt Security Frameworks for the Office of the Future [InfoSecurity Magazine]
One of the challenges organizations face in the modern cloud era, and one that plays well to the Zero Trust architecture, is managing remote workers. This article speaks to the need for a security framework that can effective support a mobile workforce. This is one of the factors that led Google down the BeyondCorp path, and a key component to any Zero Trust environment.
Smashing Silos and Building Bridges in the IT-Infosec Divide [DarkReading]
One thing I’ve noticed from the organizations who adopt the Zero Trust framework is the close relationship between IT and Security. The traditional conflicts are lifted in favor of supporting automated environments that are secure without impacting productivity. Culture is critical to get right in any organization, and it often starts with smashing silos as this article suggests.
Zero Trust: Why ‘cyber insurance’ offers no GDPR compliance [CSO Online]
Here’s an interesting take I hadn’t really considered – there is no GDPR insurance (yet?) Regardless of your beliefs towards cyber insurance, the risks associated with GDPR are simply too high. Protecting and reporting on customer data is of the utmost importance, and as this article suggests, you are better off investing in getting the architecture right with Zero Trust than trying to sweep the burden under the rug through an insurance policy.
In case you missed it, ScaleFT will be at Okta’s annual Oktane conference in Las Vegas next week. We’ll be showcasing how our platform integrates with Okta to deliver a true Zero Trust architecture.
If you’ll be there, make sure to visit our booth – #EE6. You can schedule a time for a personal demo here or just stop by any time during the conference.
We’ll also be throwing a happy hour right after the final keynote on Thursday. Join us for Beyond Oktane18 at Herringbone, from 4PM - 7PM.
That does it for this week. Check back this time next week for another set of relevant news, articles, and events. Cheers,
Ivan at ScaleFT