Zero Trust Security Fundamentals
Published by O'Reilly Media, Inc.
Understanding key concepts, principles, and implementation approaches of zero trust security
In 2021, all federal government agencies were mandated via executive order to advance toward the zero trust security model. In recent years, governments and private organizations across the globe are likewise adopting the zero trust approach to improve their security posture to counter cyber threats. The number of highly publicized recent breaches guarantees that many more will join the movement.
Join expert Razi Rais to take a dive into the origins of zero trust and the key facets of the “never trust, always verify” approach to security. You’ll explore the standards and guidance around zero trust architecture and understand the various approaches to implementing zero trust while adapting to the complexity of the modern environment, embracing the mobile workforce, and focusing on protecting people, devices, apps, and data wherever they're located.
What you’ll learn and how you can apply it
By the end of this live online course, you’ll understand:
- Key principles and components of zero trust
- Why zero trust is important to your organization
- Zero trust implementation models and use cases
And you’ll be able to:
- Plan the zero trust journey for your organization
- Analyze your current security posture and identify gaps that need to be filled in order to adopt zero trust architecture
- Define roles and responsibilities to help your organization adopt zero trust
- Implement zero trust in your organization
This live event is for you because...
- You’re a security practitioner who wants to understand and implement zero trust architecture.
- You’re planning to implement security best practices in your organization.
- Your role requires you to stay current on security topics.
Prerequisites
- Basic knowledge of computer security topics, including authentication, authorization, firewall, storage devices, cloud computing, and networking
Recommended preparation:
- Read Zero Trust Networks, 2nd Edition (chapter 1 in Zero Trust Networks) (book by Razi Rais)
Recommended follow-up:
- Finish reading Zero Trust Networks, 2nd Edition (book by Razi Rais)
Schedule
The time frames are only estimates and may vary according to how the class is progressing.
Zero trust fundamentals (55 minutes)
- Presentation: The history and evolution of zero trust; understanding the meaning of the “never trust, always verify” mindset; what isn’t zero trust (marketing buzzwords, approaches, and hacks); the role of key players, including governments, cloud providers, and standard and compliance bodies
- Group discussion: Check your knowledge of the “never trust, always verify” mindset
- Q&A
- Break
The current state of frameworks, standards, and guidelines (45 minutes)
- Presentation: Overview of zero trust security frameworks, standards, and guidelines (NIST’s zero trust architecture, NSA’s zero trust security model, ACT-ICT’s six pillars of zero trust, the UK National Cyber Security Centre’s zero trust architecture, and Open Group’s zero trust security); understanding the role of identity, networking, and data in zero trust
- Q&A
Implementing zero trust (55 minutes)
- Presentation: The journey toward zero trust implementation; implementation challenges; migrating to zero trust architecture
- Group discussion: Microsoft’s approach to implementing zero trust architecture; the difference between zero trust frameworks and implementations
- Q&A
- Break
Wrap-up and Q&A (25 minutes)
- Presentation: What’s next in zero trust?; useful resources to enhance your knowledge; job market, roles, and growth prospects related to zero trust
Your Instructor
Razi Rais
Razi Rais is a cybersecurity leader at Microsoft, committed to advancing the cybersecurity industry worldwide.With over 20 years of experience, including more than a decade at Microsoft, Razi has designed secure and resilient systems and services for Fortune 500 companies across Asia, the Middle East, Europe, and the United States. His expertise, developed through roles as a software engineer, architect, and product manager, provides a comprehensive perspective on the evolving cybersecurity landscape. As a thought leader, Razi has co-authored influential books such as Zero Trust Networks (2E), Azure Confidential Computing & Zero Trust. He is a frequent speaker at international conferences like RSA and Identiverse and an active member of the Global Information Assurance Certification (GIAC) Advisory Board. Razi also delivers specialized training through platforms such as O'Reilly and LinkedIn Learning. Connect with him on LinkedIn to stay updated on his latest contributions.