'Complexity is the bane of security' Greg Touhill, AppGate Click To Tweet
We have had hundreds of guests in the studio over the past decade, none have been retired Brigadier Generals who have worked in the White House. Greg Touhill fits the bill. After a distinguished career in the Air Force, he worked as the United States Chief Information Security Officer at the Executive Office of the White House.
Currently, Greg serves as President AppGate Federal Group. He joins in the discussion about Zero Trust, compliance, and reducing the attack surface for federal information technology. The interview begins by describing an essential shift in federal information technology from a perimeter defense to being identity centric.
He mentions that that the Internet was developed years ago in a competitive environment. Nobody knew what system was going to dominate. When TCP/IP was being tested, it was remarkable that it even worked. The concept of connect, then authenticate, was a winner. Today, the superior strategy is to authenticate, then connect. This is an essential description of Zero Trust.
If this is the approved strategy to improved cybersecurity, then what are the tactics? “Complexity is the bane of security” is one of Greg’s more famous quotes. When he looks at his considerable experience, he concludes that long checklists and organization charts can be a barrier to effective cybersecurity. One should look at some kind of automated system, or platform, that can control access.