Zero Trust is a security strategy. It is not a product or a service, but an approach to designing and implementing the following set of security principles:

* Verify explicitly
* Use least privilege access
* Assume breach

## Guiding principles of Zero Trust

| Verify explicitly | Use least privilege access | Assume breach |
| —————– | ————————– | ————- |
| Always authenticate and authorize based on all available data points. | Limit user access with Just-In-Time and Just-Enough-Access (JIT/JEA), risk-based adaptive policies, and data protection. | Minimize blast radius and segment access. Verify end-to-end encryption and use analytics to get visibility, drive threat detection, and improve defenses. |

Speaker: Jeff Border is a Global IT leader, cybersecurity evangelist, and four-string bass clefist known for successfully advising IT to embrace DevSecOps. Deep industry experience in cloud-based platforms using agile DevSecOps transformations. Working knowledge of APAC and EMEA cultures is key to effectively uniting operations globally. Senior organization representative to press and vendors as well as consultant-to-consultants. Noted technology communicator, mentor, and trainer in all positions. Topics Jeff evangelizes include zero trust, blue teaming, Terraform, shifting left with Scaled Agile Framework © DevSecOps, identity management, global IT leadership, cloud services management and transformation, IT ops optimization, governance, software agreements/contracts, IT acquisitions, infrastructure as code in continuous delivery pipelines. He holds a handful of Microsoft certifications and a couple for Scaled Agile Framework ©.