Essential Components of a 'Zero Trust' ArchitectureCISO Erdal Ozkaya Describes the Steps to Take
The key components of an effective “zero trust” architecture include multifactor authentication, network segmentation, and a defense-in-depth approach, says Dr. Erdal Ozkaya, regional CISO and managing director at Standard Chartered Bank in the United Arab Emirates.
See Also: Case Study: The Road to Zero Trust
"In a ‘zero trust' model, identity and micro-segmentation play a key role in enhancing existing network security by shrinking the trusted network to each server's IP address to enable … authorization of the users," Ozkaya says.
In this video interview with Information Security Media Group, Ozkaya emphasizes the importance of having the right security cloud partner who can apply multiple layers of authentication and access control mechanisms. He also offers insights on:
- How an identity-centric approach works in a 'zero trust' environment;
- Improving access control mechanisms;
- Building a business case for a 'zero trust' approach.
As regional CISO at Standard Chartered Bank, Ozkaya oversees all assurance activities related to the availability, integrity, and confidentiality of customer, business partner, employee and business information in compliance with the organization's information security policies. He has co-authored several cybersecurity books as well as security certification courses and exams for different vendors. He is the recipient of several awards including, Global Future Security Leader, Super Hero CISO (2020) Cyber Security Professional of the year MEA, Hall of Fame by CISO Magazine, Cybersecurity Influencer of the year (2019), Microsoft Circle of Excellence Platinum Club (2017), NATO Center of Excellence (2016).