Zero-trust networking creator John Kindervag joins Illumio as chief evangelist
Kindervag, whose appointment was announced Monday, has had a long and successful career in information security, including serving on various advisory boards and more than eight years working for Forrester Research as an analyst. He was at Forrester where he came up with the concept back in 2010.
“I was examining at how we set up and deployed firewalls with various trust levels,” he told SiliconANGLE in an interview. “At the time, their policy engines didn’t require any rules for traffic going from high to low trust roles. Forrester let me do research for two years and that was the beginning of my zero trust journey.”
He has written and spoken about the concept ever since. “My life is all about zero trust — but it is a good life!”
It is a simple concept to grasp, which is why it has such longevity. “Trust is a human emotion,” he said. “People didn’t understand that when I first proposed it, but it is all about managing danger rather than risk and plugging holes in your security.”
The concept has taken on greater importance, especially now with the rise of AI-based systems. But AI is a double-edged sword.
“It is easier for adversaries to use AI to build more complex and stealthier attacks, so we certainly need zero trust to protect us,” he said. “But AI allows people to automate and leverage machine learning to understand what is happening across our networks in real time and be able to stop bad stuff before it spreads.”
Kindervag thinks the defenders currently have the advantage, which is somewhat reassuring. “AI is here to stay because it has huge value,” he said. “But AI will consume a lot of data and we have to protect that data properly.”
Another reason for the concept’s staying power is that its definition and practice haven’t changed in the years since he coined the term. “People have tried to move it in one direction or another,” he said. “End users have pushed back a lot.” One big advantage is that zero trust is a vendor-neutral term that can appeal to various security practice areas.
He mentioned that many information technology security professionals approach their jobs using “fight club rules, meaning they don’t like to talk about their security. They also think they have to implement security all at once, rather than breaking it into smaller, more easily digestible pieces and then build it out incrementally.”
Kindervag chose to join Illumio for several reasons. For one, he said, “I have known the founders and did some early advisory work for them when I was at Forrester.” He also likes its product portfolio, which can enable faster and easier trust policy management, and has the ability to tighten policies with more automation tools.
One of Illumio’s tenets is the concept of microsegmentation, or more granular separation of systems and networks. He spoke about how those early network firewalls were put in the wrong place, protecting the edge of the networks. “Segmentation solves the trust problem, because those early firewalls weren’t protecting the center,” he noted.
“I have no regrets and never thought zero trust would take off the way it has,” he said. “My goal is to show how to make it simpler and more effective. Zero trust has become a marketing force multiplier. It isn’t a ‘Good Housekeeping seal’ but a way to get people to move in the right direction. Ideally, it can do some unique things to protect the stuff that matters.”
And Forrester is still all-in on zero trust too: It recently updated its “Wave” report identifying the 14 leading zero-trust platforms, with Microsoft Corp., Palo Alto Networks Inc. and Check Point Software Technologies Ltd. getting the highest marks.
Image: Dell Security; photo: Illumio
A message from John Furrier, co-founder of SiliconANGLE:
Your vote of support is important to us and it helps us keep the content FREE.
One-click below supports our mission to provide free, deep and relevant content.
Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger and many more luminaries and experts.