閉める
閉める
明日に向けたネットワーク
明日に向けたネットワーク
サポートするアプリケーションとユーザー向けに設計された、より高速で、より安全で、回復力のあるネットワークへの道を計画します。
          Netskopeを体験しませんか?
          Netskopeプラットフォームを実際に体験する
          Netskope Oneのシングルクラウドプラットフォームを直接体験するチャンスです。自分のペースで進められるハンズオンラボにサインアップしたり、毎月のライブ製品デモに参加したり、Netskope Private Accessの無料試乗に参加したり、インストラクター主導のライブワークショップに参加したりできます。
            SSEのリーダー。 現在、シングルベンダーSASEのリーダーです。
            SSEのリーダー。 現在、シングルベンダーSASEのリーダーです。
            Netskope、2024年ガートナー、シングルベンダーSASEのマジック・クアドラントでリーダーの1社の位置付けと評価された理由をご確認ください。
              ダミーのためのジェネレーティブAIの保護
              ダミーのためのジェネレーティブAIの保護
              ジェネレーティブ AI の革新的な可能性と堅牢なデータ セキュリティ プラクティスのバランスを取る方法をご覧ください。
                ダミーのための最新のデータ損失防止(DLP)eBook
                最新の情報漏えい対策(DLP)for Dummies
                クラウド配信型 DLP に移行するためのヒントとコツをご紹介します。
                  SASEダミーのための最新のSD-WAN ブック
                  SASEダミーのための最新のSD-WAN
                  遊ぶのをやめる ネットワークアーキテクチャに追いつく
                    リスクがどこにあるかを理解する
                    Advanced Analytics は、セキュリティ運用チームがデータ主導のインサイトを適用してより優れたポリシーを実装する方法を変革します。 Advanced Analyticsを使用すると、傾向を特定し、懸念事項に的を絞って、データを使用してアクションを実行できます。
                        レガシーVPNを完全に置き換えるための6つの最も説得力のあるユースケース
                        レガシーVPNを完全に置き換えるための6つの最も説得力のあるユースケース
                        Netskope One Private Accessは、VPNを永久に廃止できる唯一のソリューションです。
                          Colgate-Palmoliveは、スマートで適応性のあるデータ保護により「知的財産」を保護します
                          Colgate-Palmoliveは、スマートで適応性のあるデータ保護により「知的財産」を保護します
                            Netskope GovCloud
                            NetskopeがFedRAMPの高認証を達成
                            政府機関の変革を加速するには、Netskope GovCloud を選択してください。
                              一緒に素晴らしいことをしましょう
                              Netskopeのパートナー中心の市場開拓戦略により、パートナーは企業のセキュリティを変革しながら、成長と収益性を最大化できます。
                                Netskopeソリューション
                                Netskope Cloud Exchange
                                Netskope Cloud Exchange(CE)は、セキュリティ体制全体で投資を活用するための強力な統合ツールをお客様に提供します。
                                  Netskopeテクニカルサポート
                                  Netskopeテクニカルサポート
                                  クラウドセキュリティ、ネットワーキング、仮想化、コンテンツ配信、ソフトウェア開発など、多様なバックグラウンドを持つ全世界にいる有資格のサポートエンジニアが、タイムリーで質の高い技術支援を行っています。
                                    Netskopeの動画
                                    Netskopeトレーニング
                                    Netskopeのトレーニングは、クラウドセキュリティのエキスパートになるためのステップアップに活用できます。Netskopeは、お客様のデジタルトランスフォーメーションの取り組みにおける安全確保、そしてクラウド、Web、プライベートアプリケーションを最大限に活用するためのお手伝いをいたします。

                                      What the White House’s Cybersecurity Executive Order Gets Right–And What We’d Like To See More Of

                                      May 17 2021

                                      Netskope applauds the White House’s Executive Order on Improving the Nation’s Cybersecurity, especially the rigor with which short-term deadlines and some clear-cut plans of action are described. 

                                      DarkSide ransomware and the attack on the Colonial Pipeline is just one recent example of events that have disrupted national critical infrastructure and put the privacy and safety of millions of individuals at risk. Public-private partnerships have never been more important than they are today, and tight, politics-free collaboration is imperative if we’re to evolve our cyber defenses. We are pleased to see the Biden Administration stepping up to support this hugely important priority, and we plan to continue Netskope’s work with government, industry, and our customers and partners to further this agenda.

                                      A continuous Zero Trust mindset


                                      The White House’s Executive Order highlights many specific areas of interest for not only federal government security, but how we should be thinking about security and network architecture everywhere. As the Executive Order notes: 

                                      “To keep pace with today’s dynamic and increasingly sophisticated cyber threat environment, the Federal Government must take decisive steps to modernize its approach to cybersecurity, including by increasing the Federal Government’s visibility into threats, while protecting privacy and civil liberties. The Federal Government must adopt security best practices; advance toward Zero Trust Architecture; accelerate movement to secure cloud services, including Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS); centralize and streamline access to cybersecurity data to drive analytics for identifying and managing cybersecurity risks; and invest in both technology and personnel to match these modernization goals.”

                                      According to the Executive Order, agency heads are required to update existing agency plans, develop a plan to implement Zero Trust Architecture based on current NIST migration steps, and report on progress—within 60 days of the order. This is powerful, not least because it helps bring Zero Trust back down to earth from how over-marketed the term has become in recent years. It helpfully frames Zero Trust in architecture terms—something Netskope has also underscored and that we’re seeing as common to the success of our many customers worldwide. 

                                      In a modern architecture, Zero Trust principles should be judiciously applied, adaptively and continuously. But today, many organizations don’t have much more than isolated “Zero Trust projects” focused on networks, users, devices, or isolating servers. The main miss on most of these projects is that they are focused on application-level access and other pieces, but not focused on the data. Architecturally, we must go beyond access control and isolation to provide continuous Zero Trust: real-time access and policy controls that adapt on an ongoing basis based on users, devices, apps, threats, and data context. 

                                      This data-centric approach is the only effective way to dynamically manage risk across a mix of third-party applications and a remote-first workforce that needs always-on access to cloud apps and data to stay productive. As the Executive Order calls out in Section 10, item K: 

                                      Zero Trust Architecture embeds comprehensive security monitoring; granular risk-based access controls; and system security automation in a coordinated manner throughout all aspects of the infrastructure in order to focus on protecting data in real-time within a dynamic threat environment.  This data-centric security model allows the concept of least-privileged access to be applied for every access decision, where the answers to the questions of who, what, when, where, and how are critical for appropriately allowing or denying access to resources…”

                                      Proper application of Zero Trust principles is also a critical step toward Secure Access Service Edge (SASE) architecture. SASE isn’t specifically mentioned by the White House’s Executive Order, but as the Order explains, applying Zero Trust at an architectural level means “a set of system design principles, and a coordinated cybersecurity and system management strategy based on an acknowledgment that threats exist both inside and outside traditional network boundaries.” In other words—and crucial to SASE—yesterday’s security and network technologies and designs won’t even start to address the prevalence of cloud-delivered threats or attacker abuse of cloud apps, or the increasingly acute need for security and networking teams to more effectively converge and collaborate

                                      A call for transparency

                                      In general, the attention paid to cloud security by the Executive Order is refreshing.  It reads as a present-day discussion, covering everything from compliance to information sharing, rather than describing cloud and the need to secure data accessed from the cloud as some kind of “coming thing” that agencies still have plenty of time to prepare for. 

                                      Investing in people, processes, and technologies that properly implement Zero Trust controls in a cloud-first IT environment will do a lot to prevent and mitigate attacks, and the Executive Order discusses the need for transparency as a means to strengthen areas such as supply chain security. The Executive Order also asks various stakeholders to recommend to the Federal Acquisition Regulatory (FAR) Council an updated framework for contract language identifying the nature of cyber incidents that require reporting, the types of information regarding cyber incidents that require reporting, time periods within which contractors must report cyber incidents “based on a graduated scale of severity,” and other factors, including contract language. This is all well and good. 

                                      However, there is a bigger picture aspect to this that the Executive Order does not cover. How will our education system make cybersecurity a core piece of the curriculum, such that we can drive young people to adopt cyber careers early on and think of it as a rewarding, aspirational career path? We will make gains in the present by evolving how we think about security architecture. But we need to ensure a future in which our citizens, at a young age, are trained and have the right resources to uplift our cyber capabilities. This is another area where the current administration could make an enormous impact.

                                      As you consider how your current defenses stack up against the ever-changing security landscape, use the free Netskope SASE Assessment to measure your readiness. For more on how to properly apply Zero Trust principles, get your copy of our Zero Trust Leading Practice white paper.

                                      author image
                                      Sanjay Beri
                                      Sanjay brings more than two decades of innovation and success in the cloud, networking, and security industries.
                                      Sanjay brings more than two decades of innovation and success in the cloud, networking, and security industries.

                                      Stay informed!

                                      Subscribe for the latest from the Netskope Blog