VIDEO
HIGHLIGHT
Log InSign up
Ramin Safai - CISO at Jefferies (Full Interview)
SummaryTranscriptChat

Ramin Safai - CISO at Jefferies (Full Interview)

New Section

Introduction to the discussion with Ramin Safai, CSO of Jeffries, focusing on zero trust and identity in 2023.

Discussion with Ramin Safai

  • Adam Rosa introduces Ramin Safai as the CSO of Jeffries in New York City.
  • Ramin explains that Jeffries is an investment bank offering financial services globally.
  • Ramin discusses his 10-year tenure managing the cybersecurity team at Jeffries.
  • Zero Trust and Identity are highlighted as key topics for discussion.

Zero Trust Implementation

Insights into Zero Trust implementation and its relevance in cybersecurity practices.

Implementing Zero Trust

  • Ramin addresses misconceptions around Zero Trust being used for marketing rather than actual security measures.
  • At Jeffries, Zero Trust involves strict identification protocols before granting access to devices or users.
  • Transition from traditional VPN architecture to cloud-based access like ZTNA (Zero Trust Network Access).

Evolution of security architecture towards Zero Trust principles due to changing work environments.

Security Architecture Evolution

  • Shift from VPN architecture to SASE (Secure Access Service Edge) during the pandemic for remote work scenarios.
  • Adoption of Zero Trust extended beyond laptops and mobile devices to include all user equipment for enhanced security.

New Section

The discussion revolves around the trend of hybrid work architecture and the importance of maintaining technology upgrades in both office and remote settings.

Hybrid Work Architecture

  • Hybrid work is predicted to continue as an efficient way, allowing flexibility between office and remote work.
  • Working from anywhere is valued post-pandemic, leading to necessary technology upgrades in both office and remote setups.
  • Simultaneous technology upgrades for office and remote environments introduce additional costs that businesses seem willing to bear.
  • Transitioning to a hybrid model reduced office visits, necessitating the implementation of zero-trust security measures even for small companies.

Identity Management and Hygiene

The conversation delves into the significance of identity management hygiene in maintaining data integrity within organizations.

Importance of Identity Hygiene

  • Identity hygiene ensures proper management of user data stored in active directories, emphasizing its critical role in organizational operations.
  • Active Directory serves as a repository for various user-related data, requiring meticulous management to avoid discrepancies and security risks.
  • Challenges arise when the number of identities stored surpasses actual employee counts, highlighting the need for effective identity lifecycle management.

Discussion on Network Security and Innovation

The discussion revolves around the importance of addressing findings promptly in network security to secure budget for fixes. It also touches upon the challenges of innovation in compliance-rich environments.

Importance of Addressing Findings

  • : Promptly addressing findings secures budget for fixes.
  • : Emphasize proactive identification of issues rather than waiting for findings.

Challenges of Innovation in Compliance

  • : Innovating in compliance-rich environments can make auditors and regulators uneasy.
  • : Balancing innovation with compliance standards is crucial to avoid confusion.

Identity Hygiene and Service Account Management

The conversation delves into the significance of identity hygiene, particularly focusing on service account management challenges and solutions.

Identity Hygiene Importance

  • : New technologies aid in identifying gaps within identity architecture.
  • : Identity hygiene involves meticulous monitoring to ensure system cleanliness.

Service Account Management Challenges

  • : Service accounts pose significant management complexities compared to user accounts.
  • : Managing service accounts requires tailored approaches due to application dependencies.

Future Trends: Identity Management and Cloud Services

Future trends highlight the continued emphasis on identity management and transitioning towards cloud services for enhanced business capabilities.

Identity Management's Significance

  • : Identity management remains a substantial portion of cybersecurity budgets.
  • : Effective identity governance is critical for maintaining system integrity.

Transition to Cloud Services

  • : Organizations are increasingly moving towards cloud services for agility and technological advancements.
Video description

Ramin Safai, CISO at Jefferies, chats with Ed Amoroso, CEO of TAG Cyber, about zero trust and identity. SUBSCRIBE for more Cyber Security content: http://bit.ly/2yLQcm7 Visit the Jefferies WEBSITE: https://www.jefferies.com/ Connect with TAG Cyber Online: Visit the TAG Cyber WEBSITE: http://bit.ly/2itN6NF Follow Ed Amoroso on TWITTER: http://bit.ly/2zxETeq Follow TAG Cyber on TWITTER: http://bit.ly/2gwYfcm Follow TAG Cyber on INSTAGRAM http://bit.ly/2yIH1T3 Like TAG Cyber on FACEBOOK: http://bit.ly/2z0iVVi Recent posts by Ed Amoroso on LINKEDIN: http://bit.ly/2yLLF3q