Search
X

Webinar Recording

Identity Under Attack: How to Build a Resilient Zero Trust Strategy

Our Speakers

Andre Priebe
Chief Technology Officer

Andre has been responsible for iC Consult's product and service portfolio as Chief Technology Officer since 2013. With more than 20 years of experience in Identity & Access Management, he ensures iC Consult's leading position in cutting-edge technologies and the most efficient methods around digital identities. He actively promotes the exchange of knowledge among iC Consult's top experts and advises our strategic clients on the design of their identity strategy.

As a globally recognized expert in CIAM, IoT, API and MFA, Andre has successfully built global CIAM solutions with millions of users and devices and implemented MFA for more than 100,000 users in over 100 locations worldwide.

Andre holds a patent for DevOps related IAM methodologies and has an engineering degree and an MBA.

Roger Halbheer
Chief Security Advisor

Watch the Webinar:

YouTube Video

Timestamped Summary

Key Insights

Timestamped Summary

Building a resilient zero trust strategy is essential for organizations to protect against increasing identity attacks by prioritizing identity security, continuous assessment, and effective communication.

00:00:00

Building a resilient zero trust strategy is crucial as identity attacks rise, driven by sophisticated methods that exploit vulnerabilities in digital supply chains and expose millions of user records.

00:06:32

Build a resilient security strategy using the cybersecurity framework and zero trust model, focusing on continuous assessment of identity, devices, and networks.

00:11:58

Microsoft is adopting a passwordless identity protection strategy while emphasizing the need for strict security measures and assuming breaches to verify user identity and device compliance.

00:16:35

To establish a robust Zero Trust strategy, organizations must enforce application compliance, utilize telemetry, manage device access, and balance cloud migration with on-premises systems.

00:20:59

Organizations must adopt a Zero Trust strategy by prioritizing identity as the perimeter, minimizing VPN use, and enhancing security through cloud applications and adaptive access control.

00:26:34

Building a resilient zero trust strategy requires effective communication, continuous access evaluation, identity protection, and comprehensive visibility over devices to adapt to evolving cybersecurity threats.

00:33:22

Modernizing security with a zero trust mindset is crucial for protecting identities and devices against sophisticated attacks through collaboration and strong leadership.

00:38:32

Integrating Saleoint PAM with Entra strengthens zero trust by enhancing identity management, emphasizing continuous authentication, and fostering collaboration to combat rising cyber threats.

Key Insights

Core Zero Trust Principles

  • Microsoft’s zero trust journey spans 8 years, emphasizing it’s a continuous process requiring ongoing effort to strengthen posture, not a one-time project with a defined end.

  • The approach assumes breach from the start, verifying each user’s identity and location, ensuring admins have no standing access, only elevated privileges for specific tasks.

Implementation Strategies

  • Microsoft implemented adaptive access control with different identities and devices for varying levels of access and security, including specialized devices and accounts for financial and admin access.

  • The journey involved vendor consolidation to the Microsoft platform, device management, endpoint protection, and application proxy to make applications internet-facing and eliminate VPN needs.