The transition to remote working has placed immense pressure on IT teams and infrastructure from the network layer to the data centre, with tens of thousands of new WFH endpoints, accelerated scale to multiple clouds, VPN challenges and security gaps.

Australia has faced more attack campaigns, continued nation state threats, and the increasing cost and impacts of breaches or ransomware.

Meanwhile, new regulations must also be assessed, along with sovereignty issues and growing third party risks.

While these challenges are ongoing, many organisations are now turning their attention to the next phase of cyber security: the zero trust model.

 

Rather than relying on corporate intrusion prevention systems, Dell Technologies’ Chief Technology Officer, John Roese, adopts zero trust security to remote working regardless of the need to harden applications against public and consumer networks threats.

From a security perspective, what I will tell you is in the remote world, the best approach to security today really boils down to a zero-trust model where you, quite frankly, shift the paradigm from trusting anybody and assume that all of your technology is compromisable.

Zero-trust is just a technology approach, but it’s not widely used, and in many cases, people are getting to it. But if you want to build that remote user, you’re out in the real world. It’s an exposed environment, and zero-trust is likely the right path.

ADAPT Research, and Advisory clients can watch Dell Technologies’ CTO full presentation on how zero trust supplements physical trust in a virtual environment.

 

ADAPT’s Senior Research Strategist, Aparna Sundararajan, says zero-trust frameworks must be embedded through automated due diligence processes to safeguard business assets effectively.

What do we know about trust? That trust is a vulnerability. The first thing that the zero trust framework tells us is not to trust people irrespective of who they are.

But most of the interviewees said that we work in good faith, and we trust what they have put in their questionnaires: the certifications and every other step of the process.

We absolutely, of course, are understaffed or do not have the time or even not given the time by the business to do all those checks and balances. And that, of course, adds burn to your cyber security talent.

Aparna explores how Australian CISOs focus on third-party risks in her presentation at Security Edge.

 

As CTO of 1.5 billion online payments business, PayPal, Sri Shivananda optimises tech-fuelled growth with the shift to a zero trust security model to protect customer and employee data.

People being in 39,000 offices worldwide, as I call them, means a completely new paradigm in terms of the safety and security of customer data, employees themselves and so on.

The endpoint attack vector now moved to homes. You have to consider a new paradigm in how you secure that.

We accelerated the journey on zero trust architecture in what we were already doing, but we accelerated that very, very quickly and put that in place.

Sri Shivananda discusses the more leading large-scale transformation of Paypal’s infrastructure into zero trust architectures.

 

Though a zero trust architecture is the postcard destination, Restaurant Brands International’s former CISO, Shawn Bowen, a more realistic overview of putting safeguards in place where legacy systems exist instead.

We still have some legacy pieces, but it’s about segmenting and sandboxing some of those pieces. We had a Windows XP machine that was the crane for our distribution centre. We lost our largest distribution centre in Canada for all of our coffee and pastries if that went down.

I had to live with that Windows XP, so it was about understanding that environment. Again, this is that risk perspective of what can I layer around it and use as itself and accept that it itself won’t be in a zero-trust state, but that environment has the appropriate barriers.

I don’t think we’re going to get to a ZTA, zero trust architecture, 100% for a while because many of our corporations depend on some legacy stuff. That’s about appropriately putting the safeguards in place for those.

Discover Shane’s full presentation demonstrating how security enables business resilience and customer trust.

Join our community for more executive presentations, community interviews, Australian tech trends, and fact-based research.

Contributors
Aparna Sundararajan Senior Research Strategist
Aparna Sundararajan leads the emerging and disruptive technology research agenda within ADAPT’s strategic advisory team. As Senior Research Strategist, her role is... More

Aparna Sundararajan leads the emerging and disruptive technology research agenda within ADAPT’s strategic advisory team. As Senior Research Strategist, her role is to create independent advice for the Australian C-Suite around emerging technologies, trends and investment priorities and developing industry leading content for the ADAPT portfolio of Edge events.

As a technology analyst and marketer, Aparna aligns the burning issues of senior executives with digital business dynamics and emerging technology capabilities to create strategic advice for ADAPT’s Members and Strategic Partners.

Aparna has had 12 years working in the IT services sector, much of it with Gartner, where she developed independent advice for senior IT managers on the emerging roles and responsibilities they face in digital technologies, digital customer behaviour, and business model transformation.

 

Less
Sri Shivananda EVP, CTO at PayPal
Sri Shivananda plays a critical role in shaping PayPal’s technology strategy in his role of Executive Vice President, Chief Technology Officer (CTO).... More

Sri Shivananda plays a critical role in shaping PayPal’s technology strategy in his role of Executive Vice President, Chief Technology Officer (CTO).

Sri has driven the transformation of PayPal’s large-scale infrastructure, platforms and applications. As Sri has led PayPal through this transformation, he’s ensured the PayPal platform can grow and integrate with emerging technologies, preparing PayPal for a future of financial services that will increasingly rely on algorithms and anticipating customer needs.

In his role, Sri also oversees Technology Platforms & Experiences, leading a talented team responsible for the company’s secure, reliable, scalable and evolving global infrastructure and strategic core platform, the foundation that enables PayPal to deliver world-class services for PayPal’s consumers and merchants.

Prior to his appointment as EVP and CTO, Sri was CTO and Senior Vice President of Global Platforms and Infrastructure, directing his team of technologists to drive massive growth at scale across a completely disruptive payments platform. Sri was responsible for all core technologies covering PayPal’s data centers, internal private cloud, online and offline data infrastructure, internal developer frameworks and tools, and various platform services.

Before PayPal, Sri was with eBay for more than 15 years, working his way up from a software engineer to Vice President of Global Platform and Infrastructure. As VP, he was responsible for the company’s technology infrastructure that powered the eBay Inc. businesses, including eBay’s hundreds of millions of listings and PayPal’s millions of payments every day. Sri found his way to eBay via the acquisition of Deja.com.

Sri’s passion for technology is echoed by the emphasis he places on supporting his talent. A geek at heart, he is widely recognized as a hands-on executive with a passion for innovation. He is a leader in building high performing teams, mission-driven in his approach of nurturing high potential talent and a champion for women in technology. In addition, Sri serves on the board of F5 networks.

Less
Shawn Bowen Global Head of IT Security & Compliance (CISO) at Restaurant Brands International (USA)
RBI is the parent company to Burger King, Popeyes, and Tim Hortons. Shawn is responsible for establishing the strategic direction, instituting comprehensive... More

RBI is the parent company to Burger King, Popeyes, and Tim Hortons. Shawn is responsible for establishing the strategic direction, instituting comprehensive programs, and leading the Global IT Security and Compliance for Corporate, Supply Chain, Restaurant, and Consumer Technology along with building a thorough consumer privacy framework across the parent company and three iconic brands. He will join us for a live video interview and Q&A.

Less
Security Compliance