The OSI model provides a layered model of how to implement a network. There is a sympathetic security compliance stack that should be fulfilled to ensure our people, processes and data stay safe.
Revolving around the security policy of an organisation, the security intent needs to be translated into infrastructure that can actively secure the environment. The key to that policy is that infrastructure and personnel must almost transparently implement and enforce that policy as part of their day-to-day operations, for all places in the network. Ideally, through analytics and automation, the network should become adaptive and flexible, acting autonomously to evade intruders and malicious activity before they become an issue.
This presentation will describe a layered approach to security:
From the topdown, how do we develop useful policy that can be automated by technology?
In the middle, how we implement a Zero Trust policy integrated across multiple domains? And;
From the bottom up, how do we ensure the technology stack is a secure, trusted, automated platform for the implementation of that policy?