How has your zero trust strategy shifted in the last year, if at all? (And if nothing’s changed, how are you thinking about evolving it in the next year or so?)

Security Strategy & Roadmap Identity & Access Management (IAM)

701 views3 Comments

Sort by:

Chief Information Security Officera year ago

We're accelerating our journey, rather than changing it, by adding more capabilities for users to securely access core services from wherever they're working, with least privilege access, and greater visibility and control around data access and flows. That's a lot of buzz words, but the goal is a technical platform that can be as agile as the business needs it to be, with the appropriate security controls and monitoring in place around that access and activity.

In short, Zero-Trust efforts are enabling us to operate with more agility in more places, so we're moving faster to get them deployed and operationally effective.

Director of Information Security in Services (non-Government)2 years ago

As business goals and strategies are remaining fluid, the approach to zero trust follows as well. The goal of replacing a VPN solution with a solution that also simplifies security management is a high priority. Continuous authentication of sessions regardless of the user's physical location is still a top concern.

Director Information Security in Healthcare and Biotech2 years ago

There are components of zero trust we're working on adopting, but overall, it's not a core focus given other priorities. There's a lot of investment required to get to true zero trust along with a shift in user behavior that takes time.

Content you might like

We’re evaluating a new ERP. Our company, PROENERGY is a vertically integrated power partner (gas plant design/build, O&M, manufacturing including our PE6000 turbine, and 2.6 GW ERCOT operations).

Considering: SAP Public Cloud, Oracle Fusion Cloud, Microsoft Dynamics, IFS, and Infor Construction Cloud.

Key needs: manufacturing, complex structure with built-in consolidation/reporting, long-range planning, procurement/inventory, and core accounting.

We use Microsoft Dynamics today for CRM/Field Service. Biggest concerns: implementation partners and support resources.

Would love your thoughts.

Are you concerned that potential cuts to CISA’s funding/headcount (in the proposed Fed budget for 2026) could lead to increased cyber risks to your org?

Extremely concerned8%

Very concerned33%

Moderately concerned56%

Slightly concerned3%

Not at all concerned

View Results

What are the toughest cultural or operational challenges that come with implementing a zero-trust policy, in your experience? How did you tackle those issues when they came up?

How are you addressing technical debt risk resulting from AI coding tools? Have you established specific processes to manage vulnerabilities in AI-generated code, and are you collaborating with software engineering or other teams using these tools?

In the next 6 months, which will your company do?

Invest more in eCommerce34%

Maintain the current investment in eCommerce60%

Invest less in eCommerce4%