Interview with John Kindervag, the Godfather of Zero Trust Networking

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hey guys Stephanie here and I'm with John Kander vog a field CTO a pal about the network C's formerly security analyst and researcher at Forrester Research and also known as the godfather of zero trust networking right right so first of all why don't you just briefly describe the audience what zero trust networking architecture is it's a big buzzword a lot of people are talking about it so you know maybe you can just describe sure that is well zero trust is a new model of information security that takes the broken trust model that we have trusted networks and untrusted networks and we come to the conclusion that that is the fundamental problem that we have in security so we get rid of trust trust it turns out is a vulnerability and it's also an exploit at the same time so you're trying to get rid of trusts so the idea of zero trust is how much trust should we have a new digital system zero and then there's architectural things that we can do by applying zero trust principles and we can transform the way networks are built whether those are on-premise or in private clouds or in public clouds or in SAS services so the entire gamut of what IP is we can solve that solve a lot of the security issues by applying zero trust principles to it and so like a big part of that is like you know this whole like model that we've developed over the years which is like you know we have a trusted network and an untrusted Network and you're sort of saying like nothing should be trusted inherently like this way we're used to just allow unfettered access outbound from the firewall that's sort of a old way of thinking about things and we really need to break that apart if we want to achieve you know a true truly secure Network correct absolutely because I'm a former penetration tester as well network engineer and security energy engineering penetration tester boy we can always get insider network your penetration penetration tester will always be able to penetrate or intrude upon that network right and so you can't solve that problem you can protect the data that you have or the systems that you have but you can't keep everybody out because they have that broken trust model so so that's the key thing that we're focusing on here how do we actually have a way to protect the stuff that that damages businesses corporate reputations and leads to significantly negative outcomes for businesses themselves cool well like I said you've been described as The Godfather this is something that's been at work of I guess passion for you for a really long time think you said 11 years can you just tell us like how did you even develop this concept when you were at Forester I mean what was the spark that motivated you to really start thinking about this and developing this whole concept well the cool thing about foresters they give you freedom to think in completely different ways and they the mandate was figure out what's going wrong why are these Britain breaches happening and what should we do right and my background is a former qsa and network architect for PCI led me to understand that I could not really build PCI compliant networks in the hierarchical network architecture environment that existed and and a lot of that was because of the trust environment and so I came up with some some mandates around zero press that was really thinking about this word trust and realizing that it was the fundamental problem is where the word the term zero trust comes from and then the principles came out of seeing the failures that happen when you actually try to build secure networks because you don't know what you're actually protecting so we start to zero trust networks are designed from the inside out instead of the outside and for guys so we need to understand what we're protecting what data what applications what assets or what services that we protect I call that the protect service so that's the first thing figure out what you protect surfaces and build out from there I've got where is everybody else started at the very edge and built in and then they told people plug your stuff in wherever you want we don't care okay so we didn't even know what to protect how to protect gotcha okay and I've got just two more questions before we wrap up the next one is you know does the zero trust architecture change as we store to continue to evolve more and towards like cloud and especially around like endpoint mobility and that type of thing or does the concept still equally apply the car always apply strategically and as we get new technology that we can use to build zero trust environments whether they're in physical networks on endpoints whether those are laptops or whether those are mobile devices or whatever the next thing might be brain implants are those and then into cloud services the the ideas apply the technologies will always change though there are no zero trust products there are only products that we use when we build zero trust environments okay that's a key thing because a lot of people are out there pitching here's my cool new zero trust product all right no product makes you gives you a zero plus Network right not even ours I came to Palo Alto Networks from Forrester Research because having worked on the designs of over 40's zero trust no worse in my career my customers were independently of me choosing Palo Alto Networks as the backbone of their technology so it made sense to come here because this is the best backbone and that's why you chose to come here to leverage our security operating platform as the backbone of the zero trust okay but our our platform is not a zero trust product it is what it is the security operating platform that can help you make powerful zero trust networks more easily and more cost effective so there are no zero trust products right I did notice that there is a zero trust extended ecosystem in Palo is listed as like leader or there and there they're listed as one of the leaders in that and you were mentioning the surplus eco extended ecosystem that Forrester is doing and that's about the ecosystem that you use to build zero trust environments right and of course I think we were the leader because because that's why I came here right got you create something when you go there you only go there because you know that it's the best place to go for what your passion is gotcha and last before we wrap up here you know for the people that maybe want to follow you or just like learn more about zero trust is there any pointers that you can you know recommend and I'll be short a gluts and links at the bottom of the video here well we're we'll have some links for you on some of the stuff that we've created we're creating more more content on Palo Alto Networks column of course follow me on Twitter when I do new things I'll tweet about at kinder bog and then there's there's a zero trust private group on LinkedIn that you can join we're not that private really we seem to allow everybody in so so I don't know what that really means but but there is some content being shared amongst different people who think differently in that there's lots of different ways to think but but what I'm trying to do is protect stuff and make life safer protect a digital way of life for our customers certainly seems like you're doing it we really appreciate your time today you guys ever get a chance to see John speak I highly recommend it and thanks a lot for your time today thanks for sure - thank you Thanks

Info

Channel: ShortestPathFirst

Views: 797

Rating: 4.75 out of 5

Keywords: Palo Alto Networks, Industry Influencers, Zero Trust Networking, Zero Trust

Id: yo6Z7fIJ11A

Channel Id: undefined

Length: 7min 32sec (452 seconds)

Published: Tue Apr 30 2019