Event Description 

Changing business models and advancements in technology have created an increasingly complex IT environment with fewer physical and virtual walls to protect an organization’s assets. Because of this, the cyber-attack surface has continued to expand, forcing companies to look towards adapting their approach to cyber defense. The concept of secure operation with a distributed workforce and diminished perimeter security drives the design of an environment that is based around containing and minimizing the damage that can be done by a breach whether it is initiated from within or outside an organization. The non-traditional security approach based on this model enforces controls and security mechanisms to move away from any implicit trust and instead rely upon the premise of “never trust, always verify,“” also known as Zero Trust. As companies adapt to a non-traditional work environment, it is important to understand the shift in control environment from a traditional “”implicit trust”″ to a Zero Trust model through an independent review by internal audit.

Join the Grant Thornton Internal Audit Cybersecurity team on April 20th to discuss and understand a Zero Trust security model and how it aligns to the changing risk landscape.

The discussion will focus on:

• Understanding what Zero Trust is and why it is important for an organization with a complex IT environment
• How zero trust brings together multiple cyber domains to better secure the IT environment and assets
• How organizations are approaching a Zero Trust security model to secure the perimeter
• Leading practices internal auditors should consider in their audit plan to evaluate their organization’s Zero Trust program