cerrar
cerrar
Su red del mañana
Su red del mañana
Planifique su camino hacia una red más rápida, más segura y más resistente diseñada para las aplicaciones y los usuarios a los que da soporte.
          Descubra Netskope
          Get Hands-on With the Netskope Platform
          Here's your chance to experience the Netskope One single-cloud platform first-hand. Sign up for self-paced, hands-on labs, join us for monthly live product demos, take a free test drive of Netskope Private Access, or join us for a live, instructor-led workshops.
            Líder en SSE. Ahora es líder en SASE de un solo proveedor.
            Líder en SSE. Ahora es líder en SASE de un solo proveedor.
            Netskope debuta como Líder en el Cuadrante Mágico™ de Gartner® para Single-Vendor SASE
              Protección de la IA generativa para principiantes
              Protección de la IA generativa para principiantes
              Learn how your organization can balance the innovative potential of generative AI with robust data security practices.
                Modern data loss prevention (DLP) for Dummies eBook
                Prevención moderna de pérdida de datos (DLP) para Dummies
                Get tips and tricks for transitioning to a cloud-delivered DLP.
                  Libro SD-WAN moderno para principiantes de SASE
                  Modern SD-WAN for SASE Dummies
                  Deje de ponerse al día con su arquitectura de red
                    Entendiendo dónde está el riesgo
                    Advanced Analytics transforms the way security operations teams apply data-driven insights to implement better policies. With Advanced Analytics, you can identify trends, zero in on areas of concern and use the data to take action.
                        Los 6 casos de uso más convincentes para el reemplazo completo de VPN heredada
                        Los 6 casos de uso más convincentes para el reemplazo completo de VPN heredada
                        Netskope One Private Access is the only solution that allows you to retire your VPN for good.
                          Colgate-Palmolive Salvaguarda su "Propiedad Intelectual" con Protección de Datos Inteligente y Adaptable
                          Colgate-Palmolive Salvaguarda su "Propiedad Intelectual" con Protección de Datos Inteligente y Adaptable
                            Netskope GovCloud
                            Netskope logra la alta autorización FedRAMP
                            Elija Netskope GovCloud para acelerar la transformación de su agencia.
                              Let's Do Great Things Together
                              La estrategia de venta centrada en el partner de Netskope permite a nuestros canales maximizar su expansión y rentabilidad y, al mismo tiempo, transformar la seguridad de su empresa.
                                Soluciones Netskope
                                Netskope Cloud Exchange
                                Netskope Cloud Exchange (CE) provides customers with powerful integration tools to leverage investments across their security posture.
                                  Soporte técnico Netskope
                                  Soporte técnico Netskope
                                  Nuestros ingenieros de soporte cualificados ubicados en todo el mundo y con distintos ámbitos de conocimiento sobre seguridad en la nube, redes, virtualización, entrega de contenidos y desarrollo de software, garantizan una asistencia técnica de calidad en todo momento
                                    Vídeo de Netskope
                                    Netskope Training
                                    La formación de Netskope le ayudará a convertirse en un experto en seguridad en la nube. Estamos aquí para ayudarle a proteger su proceso de transformación digital y aprovechar al máximo sus aplicaciones cloud, web y privadas.

                                      What the White House’s Cybersecurity Executive Order Gets Right–And What We’d Like To See More Of

                                      May 17 2021

                                      Netskope applauds the White House’s Executive Order on Improving the Nation’s Cybersecurity, especially the rigor with which short-term deadlines and some clear-cut plans of action are described. 

                                      DarkSide ransomware and the attack on the Colonial Pipeline is just one recent example of events that have disrupted national critical infrastructure and put the privacy and safety of millions of individuals at risk. Public-private partnerships have never been more important than they are today, and tight, politics-free collaboration is imperative if we’re to evolve our cyber defenses. We are pleased to see the Biden Administration stepping up to support this hugely important priority, and we plan to continue Netskope’s work with government, industry, and our customers and partners to further this agenda.

                                      A continuous Zero Trust mindset


                                      The White House’s Executive Order highlights many specific areas of interest for not only federal government security, but how we should be thinking about security and network architecture everywhere. As the Executive Order notes: 

                                      “To keep pace with today’s dynamic and increasingly sophisticated cyber threat environment, the Federal Government must take decisive steps to modernize its approach to cybersecurity, including by increasing the Federal Government’s visibility into threats, while protecting privacy and civil liberties. The Federal Government must adopt security best practices; advance toward Zero Trust Architecture; accelerate movement to secure cloud services, including Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS); centralize and streamline access to cybersecurity data to drive analytics for identifying and managing cybersecurity risks; and invest in both technology and personnel to match these modernization goals.”

                                      According to the Executive Order, agency heads are required to update existing agency plans, develop a plan to implement Zero Trust Architecture based on current NIST migration steps, and report on progress—within 60 days of the order. This is powerful, not least because it helps bring Zero Trust back down to earth from how over-marketed the term has become in recent years. It helpfully frames Zero Trust in architecture terms—something Netskope has also underscored and that we’re seeing as common to the success of our many customers worldwide. 

                                      In a modern architecture, Zero Trust principles should be judiciously applied, adaptively and continuously. But today, many organizations don’t have much more than isolated “Zero Trust projects” focused on networks, users, devices, or isolating servers. The main miss on most of these projects is that they are focused on application-level access and other pieces, but not focused on the data. Architecturally, we must go beyond access control and isolation to provide continuous Zero Trust: real-time access and policy controls that adapt on an ongoing basis based on users, devices, apps, threats, and data context. 

                                      This data-centric approach is the only effective way to dynamically manage risk across a mix of third-party applications and a remote-first workforce that needs always-on access to cloud apps and data to stay productive. As the Executive Order calls out in Section 10, item K: 

                                      Zero Trust Architecture embeds comprehensive security monitoring; granular risk-based access controls; and system security automation in a coordinated manner throughout all aspects of the infrastructure in order to focus on protecting data in real-time within a dynamic threat environment.  This data-centric security model allows the concept of least-privileged access to be applied for every access decision, where the answers to the questions of who, what, when, where, and how are critical for appropriately allowing or denying access to resources…”

                                      Proper application of Zero Trust principles is also a critical step toward Secure Access Service Edge (SASE) architecture. SASE isn’t specifically mentioned by the White House’s Executive Order, but as the Order explains, applying Zero Trust at an architectural level means “a set of system design principles, and a coordinated cybersecurity and system management strategy based on an acknowledgment that threats exist both inside and outside traditional network boundaries.” In other words—and crucial to SASE—yesterday’s security and network technologies and designs won’t even start to address the prevalence of cloud-delivered threats or attacker abuse of cloud apps, or the increasingly acute need for security and networking teams to more effectively converge and collaborate

                                      A call for transparency

                                      In general, the attention paid to cloud security by the Executive Order is refreshing.  It reads as a present-day discussion, covering everything from compliance to information sharing, rather than describing cloud and the need to secure data accessed from the cloud as some kind of “coming thing” that agencies still have plenty of time to prepare for. 

                                      Investing in people, processes, and technologies that properly implement Zero Trust controls in a cloud-first IT environment will do a lot to prevent and mitigate attacks, and the Executive Order discusses the need for transparency as a means to strengthen areas such as supply chain security. The Executive Order also asks various stakeholders to recommend to the Federal Acquisition Regulatory (FAR) Council an updated framework for contract language identifying the nature of cyber incidents that require reporting, the types of information regarding cyber incidents that require reporting, time periods within which contractors must report cyber incidents “based on a graduated scale of severity,” and other factors, including contract language. This is all well and good. 

                                      However, there is a bigger picture aspect to this that the Executive Order does not cover. How will our education system make cybersecurity a core piece of the curriculum, such that we can drive young people to adopt cyber careers early on and think of it as a rewarding, aspirational career path? We will make gains in the present by evolving how we think about security architecture. But we need to ensure a future in which our citizens, at a young age, are trained and have the right resources to uplift our cyber capabilities. This is another area where the current administration could make an enormous impact.

                                      As you consider how your current defenses stack up against the ever-changing security landscape, use the free Netskope SASE Assessment to measure your readiness. For more on how to properly apply Zero Trust principles, get your copy of our Zero Trust Leading Practice white paper.

                                      author image
                                      Sanjay Beri
                                      Sanjay brings more than two decades of innovation and success in the cloud, networking, and security industries.
                                      Sanjay brings more than two decades of innovation and success in the cloud, networking, and security industries.

                                      ¡Mantente informado!

                                      Suscríbase para recibir lo último del blog de Netskope