#zero-trust

#zero-trust

Zscaler enables organizations to bring their own IP addresses to its Zero Trust Exchange platform. With Bring Your Own IP (BYOIP), companies can maintain their network identity while leveraging Zero Trust architecture. For many organizations, static IP addresses remain operationally important, despite the shift to Zero Trust architectures. SaaS platforms, partner networks, and regulatory agencies often still rely on IP address whitelisting for access control. Zscaler now supports both customer-assigned dedicated IPs and customer-owned dedicated IPs through BYOIP.

Identity security fabric (ISF) is a unified architectural framework that brings together disparate identity capabilities. Through ISF, identity governance and administration (IGA), access management (AM), privileged access management (PAM), and identity threat detection and response (ITDR) are all integrated into a single, cohesive control plane. Building on Gartner's definition of " identity fabric," identity security fabric takes a more proactive approach, securing all identity types (human, machine, and AI agents) across on-prem, hybrid, multi-cloud, and complex IT environments.

Illumio has struck a new partnership with enterprise technology services provider Kyndryl to help organizations bolster security and speed up zero trust adoption. The collaboration sees Illumio's AI-powered breach containment capabilities paired with Kyndryl's Microsegmentation Implementation Services to create a new, scalable Zero Trust solution. Illumio said the offering will help businesses reduce the spread of cyber attacks, minimize business disruption, and improve their overall cyber resilience.

"With the threat to Exchange servers remaining persistent, enforcing a prevention posture and adhering to these best practices is crucial for safeguarding our critical communication systems," Andersen said. "This guidance empowers organizations to proactively mitigate threats, protect enterprise assets, and ensure the resilience of their operations." Anderson added that CISA recommends organizations also "evaluate the use of cloud-based email services" rather than "managing the complexities" of hosting their own.

The browser has quietly become the nerve centre of modern business. It's where we access our CRM, collaborate on documents, check financial dashboards, and run customer calls. Yet while companies spend millions securing networks and devices, the browser, the window through which almost every work app is opened, is often left unguarded. That oversight is proving costly. The more we rely on cloud software, the greater the risk of session hijacks, data leaks, and compromised credentials.

Organizations are heavily investing in zero trust, a security framework that requires strict verification and ongoing monitoring of every user, device, and application. As of 2025, the size of the zero trust market is estimated at $38.37 billion USD and is projected to grow to $86.57 billion USD by 2030. Investmentsinclude not only tools but also organizational transformation, policy overhaul, and long-term architectural changes. When combined with strong, phishing-resistant multi-factor authentication (MFA) and AI-powered threat detection, a move toward zero trust will significantly enhance cybersecurity. However, help desks often lack robust identity verification, creating a critical vulnerability.

JLR was attacked earlier, too. In March 2025, JLR was targeted by the HELLCAT ransomware group, which compromised Atlassian Jira credentials to steal hundreds of gigabytes of sensitive data. This new attack, leading to the systematic shutdown of production facilities and retail systems, suggests either a ransomware attack or a significant system compromise. Clearly, JLR needs to immediately implement capabilities to prevent lateral movement that attackers resort to after an initial breach, among other cybersecurity controls.

The 'castle and moat' idea has gone from outdated to outright dangerous as applications and users have scattered across public clouds, SaaS platforms, and more.

Zscaler's architecture was designed from the outset with the priority of data privacy in mind, as Europe attaches importance to this issue.

Virtualized environments are prime targets for cyberattacks due to their centralized nature and the potential vulnerabilities inherent in remote access protocols. Common Security Risks in Virtualization include credential-based attacks and exposure of RDP ports.

Hollebeek argued that this is the right move, given that "many of these applications need no communication outside of the company network and will therefore be more securely protected on an internal PKI, where the organization can configure certificates as they see fit."

Despite a robust investment in security measures like Zero Trust and endpoint protection, enterprises are significantly neglecting browser security, the critical layer where much of modern work occurs.

Zero-trust principles are crucial in modern cybersecurity yet CI/CD pipelines often ignore them by assuming automation is inherently trustworthy, creating security vulnerabilities.

HPE announced new security features focusing on Zero Trust access and expanded functionalities in HPE Aruba Networking and HPE GreenLake during the RSAC 2025 Conference.

Although caffeine and connectivity are easily available from public places, it's a real Sophie's Choice for IT and security leaders: Allow users direct access to the internet with no security controls, or route traffic to a remote data center using a VPN.