Not to toot our own horn but Pat Opet is spot on. Most trust boundaries have shifted to identity, and they aren’t covered enough. Three key issues: 1. Lack of detection capabilities 2. Permission explosion leads to easier lateral movement 3. Traditional governance can't keep up https://lnkd.in/e3vb4Jnn
Field CISO | Head of Application & Product Security Architecture | Cybersecurity Researcher & Author | Mentor
6d“Secure and resilient by design’ must go beyond slogans—it requires continuous, demonstrable evidence that controls are working effectively, not simply relying on annual compliance checks” is basically a call for demonstrated cyber-attack resilience by design that is the goal of risk and attack centric threat modeling.