zero trust
Coverage of zero trust in the Nexus archive.
- Identity Alone Isn't Enough: Why Device Security Has to Share the Load
Identity checks are insufficient to prevent attackers from using stolen session tokens and compromised devices. Zero Trust strategies now rely on continuous device verification. This approach is necessary to enhance security.
- US government, allies publish guidance on how to safely deploy AI agents
Cybersecurity agencies from the US, Australia, Canada, New Zealand, and the UK jointly issued guidance urging organizations to integrate autonomous AI systems into existing cybersecurity frameworks, highlighting risks like privilege overreach, design flaws, and behavioral unpredictability. The document emphasizes applying principles like zero trust and least-privilege access to mitigate threats from agentic AI in critical infrastructure and defense sectors.
- Why Secure Data Movement Is the Zero Trust Bottleneck Nobody Talks About
The article argues that the assumption that connecting a system solves security issues is flawed, causing Zero Trust programs to stall. It references new research from the Cyber360: Defending the Digital Battlespace report, which highlights secure data movement as a critical bottleneck in Zero Trust adoption.
- 5 Ways Zero Trust Maximizes Identity Security
The article discusses how Zero Trust frameworks enhance identity security by addressing stolen credentials, which are a major breach vector. It highlights Specops' approach to limiting access, enforcing device trust, and preventing lateral movement to mitigate privilege escalation risks.
- Russia's 'Fancy Bear' APT Continues Its Global Onslaught
Russia's Fancy Bear APT group continues global cyber attacks, with experts emphasizing that victims don't need technical sophistication but must prioritize patching and zero trust measures.