Image

Experience with Zero Trust Network implementation

I have been actively working on the Zero Trust Framework (hereafter referred to as ZTN) since 2019. The actual deployment of the concept is a confluence of strategic changes technically, organizationally and above all in the so-called cultural aspect. The deployment of ZTN seems to be a technical topic, but experience shows that the whole concept stands and falls on a change of mindset from the attitude "they do security" to "I am vulnerability". In this presentation, I will share with the audience the experience of implementing ZTN in the environment of two companies, Slovak Telekom, a.s. and T-Mobile Czech Republic, a.s. - two legal entities but a common technology and concept. The presentation will cover both technical and software topics and thus will be of interest to a wide range of the conference audience.

The aim of the presentation is to share interesting parts of the implementation from 2019 to the present, in particular:

  • Basic enablers to start the transformation of the transition to DRR (budget, management support, strategy and visualization of the mission).
  • The adoption of this change in the company at the management, staff and technical staff level.
  • A strategy for a gradual transition (the so-called core components of DRR).
  • Transition from Perimeter Security to Identity/Endpoint what are the main reasons and obstacles. Persistence is a security problem.
  • VPN is a privilege and prerogative of specific cases, not for the masses.
  • JIT - Just in Time access implementation concept.

Tomáš Masný

Tomáš Masný currently holds the position of CISO at Slovak Telekom and T-Mobile CZ, which are part of the Deutsche Telekom Group. He has been working in security since 2005 and has been working in telco for 15 years. During his career, he has worked in consulting in Europe for customers in the energy, gas, banking, and government sectors as an expert. In the telco environment he has held positions from expert, project manager to manager. He has implemented and continues to implement many innovative, strategic and transformational changes whether in telco mergers or as part of strategic developments in the in-depth defence of company assets, with the main mission being, is and will be to ensure the security of customer services and assets of the enterprise environment. Family, garden, bees and nature are his relaxation when he is not on the defensive.