Executive Spotlight: Bill Harrod, Federal CTO for Ivanti

ExecutiveBiz: With more and more companies enabling zero trust architecture and security, how have the recent collaborations with NIST’s National Cybersecurity Center of Excellence and Ivanti Neurons allowed you to improve your cybersecurity offerings to your clients and solidified the importance of zero trust to your organization?

“For Ivanti, the term ‘Zero Trust’ architecture encompasses a number of complementary technologies to ensure that authentication and authorization is always verified, and never inherited. Zero Trust is about consistently enforcing strong controls and policies to implement micro-segmentation on a network, validating that devices, users, and applications are all in compliance and enabling a software-defined perimeter to protect the most critical resources and data on the network.

Vulnerability scanning is another critical piece — and for Ivanti, the recommendation goes beyond what we typically think of for scan and patch. Ivanti recommends using an automated discovery tool to help identify everything on the network, including IoT devices, Bluetooth-connected devices, devices that may sit between your enterprise network, and your target cloud applications.

These devices may be a part of solutions that help to define your Secure Access Service Edge (SASE) components or your Cloud Access Security Broker. While some of those assets may not be ‘yours’ in the traditional sense, they are part of your overall enterprise and provide an avenue to gain entrance to your network. It is critical you’re able to scan and remediate vulnerabilities across all components of your enterprise.

Automation is another component that’s absolutely essential for patching and solution updates. Automation, driven by artificial intelligence and machine learning engine, can respond to new devices showing up on a network, detect and remediate threats and enforce policy compliance quickly and without human intervention. Automation, coupled with AI/ML, is also significantly better at anomalous behavior detection and response — whether it’s by employees or by a device.

Integrating all of these components into an effective IT services model is what enables the hyper-automation that will help agencies secure their network, data, and resources, and mature their ITIL model to meet the challenges of today and into the future.

Ivanti is very pleased to be a part of the NIST NCCoE Zero Trust Architecture project and we look forward to working with all of the collaborators to address the business cases that will be applicable for our Federal clients and our commercial clients as well.”

Read more at: ExecutiveBiz