"Zero Trust is the strategy that organizations need to implement to stay ahead of cyber threats, period. The industry has 30 plus years of categorical failure that shows us that our past approaches, while earnest in their efforts, have not stopped attackers. Zero Trust strategically focuses on and systematically removes the power and initiatives hackers and adversaries need to win as they circumvent security controls. This book will help you and your organization have a better understanding of what Zero Trust really is, recognize its history, and gain prescriptive knowledge that will help you and your enterprise finally begin beating the adversaries in the chess match that is cyber security strategy."
Dr. Chase Cunningham (aka Dr. Zero Trust), Cyberware Expert
Today’s organizations require a new security approach that effectively adapts to the challenges of the modern environment, embraces the mobile workforce, and protects people, devices, apps, and data wherever they are located. Zero Trust is increasingly becoming the critical security approach of choice for many enterprises and governments; however, security leaders often struggle with the significant shifts in strategy and architecture required to holistically implement Zero Trust.
This book seeks to provide an end-to-end view of the Zero Trust approach across organizations’ digital estates that includes strategy, business imperatives, architecture, solutions, human elements, and implementation approaches that could significantly enhance these organizations' success in learning, adapting, and implementing Zero Trust. The book concludes with a discussion of the future of Zero Trust in areas such as artificial intelligence, blockchain technology, operational technology (OT), and governance, risk, and compliance.
The book is ideal for business decision makers, cybersecurity leaders, security technical professionals, and organizational change agents who want to modernize their digital estate with the Zero Trust approach.
Author Biography:
Abbas Kudrati, a long-time cybersecurity practitioner and CISO, is Microsoft Asia's Chief Cybersecurity Advisor. Abbas works with customers on cybersecurity strategy, how Microsoft sees the threat landscape, how we are investing in the future of security at Microsoft, and how organizations can take advantage of Microsoft's security solutions to help improve their security posture and reduce costs.
In addition to his work at Microsoft, he serves as an executive advisor to Deakin University, LaTrobe University, HITRUST ASIA, EC Council ASIA, and many security and technology startups. He supports the broader security community through his work with ISACA chapters and student mentorship. He is also a part-time professor at Deakin University, Melbourne, Australia and a regular speaker on Zero Trust, cybersecurity, cloud security, governance, risk, and compliance.
Abbas has received multiple industry awards, such as "Business Leader/ Professional of the year 2021 by IABCA," "Top Security Advisor for APJ for the year 2020 and the year 2019," "Best Security Professional of the year 2018," "CISO 100 Award 2018," "Finalist for Australian CISO of the year 2015," "IT Governance Professional of the year 2014," and "Security Strategist of the year 2011."
He graduated from Gujarat University, India, with a bachelor's degree in Accounting and Auditing and is a certified Forrester Zero Trust Strategist, CCISO, CISM, CISA, CGEIT, CPDSE, and CSX-P, among other professional certifications.
Binil Pillai is a strategic-thinking business development professional with 23 years of multifaceted experience building relationships, cultivating partnerships, retaining customers, and growing profit channels by establishing trust. As Global Director of Security, Compliance and Identity (SCI) business at Microsoft, Binil is responsible for partner strategy and business development and works with corporate executives and partners to evangelize security as a foundational capability to accelerate a secure digital transformation journey for customers. Binil has experience in security product development, managed security product marketing, and led worldwide security go-to-market and sales activations. He was the business architect who designed and launched the Business Value Analysis (BVA) model to quantify security risk exposure for B2B customers. Before joining Microsoft, Binil worked as a regional practice manager for Deloitte Consulting's strategy and operations practice. His business strategy consulting experience spans business transformation, corporate strategy alignment, post-merger integration, adoption and change management, customer relationship management, IT strategic planning, and more, with a wide range of companies and government agencies. He is also a board adviser to several start-ups to help grow their business successfully.
Binil is passionate about establishing a coaching culture to improve learning and performance, make the most of the people's potentials and deliver sustainable results. As a PROCI-certified change management practitioner, Binil embraces the leadership accountability to take a step-by-step approach that helps the organization achieve success, no matter how complex the system, process, method, or culture need to affect or transform. Binil graduated from INSEAD in Business Strategy & Financial Acumen and has a master's in business administration. He is TOGAF certified enterprise architect and account-based marketing (ABM) professional from ITSMA.
He has also published a book for Wiley (Title - Threat Hunting in the Cloud: Defending AWS, Azure and Other Platforms Against Cyberattacks) and many thought leadership documents. His recent publications are "How COVID-19 Changes Small Medium Enterprise (SME) Priority on Security," "Identity - Building Trust in a Digital World," "How Does Your Cybersecurity Posture Need To Change?," and "What Does It Take To Protect Your Workplace?".
Technical Editor Biography
David Fairman is an experienced CSO/CISO, strategic advisory, investor, and coach. David has extensive experience in the global financial services sector. David is currently the APAC CSO for Netskope helping customers manage their digital and cyber risk programs in addition to working across industry with the aim of making the digital economy a safer place to do business. Furthermore, David is a Partner and CISO-in-residence at SixThirty Ventures, driving innovation and helping build great technology companies. Previously, David was the Chief Security Officer (CSO)at NAB owning all aspects of Physical Security, Fraud, Investigations and Cyber Security. Prior to NAB, he was the Group Chief Information Security Officer (CISO)for the Royal Bank of Canada. David has been a senior leader atJP Morgan Chase & Co as Deputy Technology Controls Officer and Global Head of Technology Risk and Control. David has also held several senior roles at the Royal Bank of Scotland (RBS), including CISO RBS Americas and Head of Information Security EMEA.
David has lived and worked in Australia, the UK, the Netherlands, and the USA. David was raised and educated in Australia where he received his Bachelor of Information Technology in Software Engineering and Computer Science. He holds a Master of Business Administration and a Master of Project Management. David began his career in Information Security while serving in the Royal Australian Air Force's Electronic Warfare and Communications group, where he gained valuable experience in the technology, policy and process aspects of security and risk management. Subsequently, David worked in a variety of roles in technology and cyber, including in the utilities sector (gas and electricity). David holds a number of positions on boards of directors and was a founding member of the Security Advisor Alliance (www.securityadvisoralliance.org), and the Canadian Cyber Threat Exchange. During his tenure at NAB, David was the Chair for the Board of Directors for the Australian Financial Crimes Exchange and spear headed the formation of a taskforce involving the big 4 banks, AFP, ASD and ACSC to detect and disrupt cyber-crime impacting Australia. David also advises several VC funds and Cyber Security companies. Recently, David was recognized in the Top 50 Australian Professionals, as profiled by the Top 100 Magazine. David has also been named as one of the Top 10 CISOs to know, http: //www.information-management.com/gallery/Chief-Information-Security-Officer-CISO-List-Trends-10027134-1.htmland is recognized as a thought leader in the cyber security industry as profiled by K-Logix here, https: //www.klogixsecurity.com/blog/david-fairman-ciso-royal-bank-of-canada. David co-authored "Cyber Risk" (2016), and co-edited "Fintech: Growth and Deregulation" (2018) published by Risk Books. David is passionate about education. He has held Adjunct Professorships at both the University of New York and the University of Toronto and is currently working with Deakin University in Australia. David currently resides in both Melbourne and Brisbane, Australia.
