ARN

Consulting firms jump on the zero trust bandwagon

Deloitte's new Zero Trust Access service and HCL's collaboration with Palo Alto Networks mark a sustained trend towards offering Zero Trust security services for clients.
conceptual_network_labeled_zero_trust_by_olivier_le_moal_shutterstock_1958585461_digital-only_license_2400x1600-100896571-orig.jpg?auto=webp=85,70

conceptual_network_labeled_zero_trust_by_olivier_le_moal_shutterstock_1958585461_digital-only_license_2400x1600-100896571-orig.jpg?auto=webp=85,70

Within a day of each other, the consulting and outsourcing firms Deloitte and HCL Technologies have both launched new managed cyber security services, as consultants look to capitalise on the growing appetite for the zero trust security model.

Deloitte unveiled its Zero Trust Access managed service, which is heavily influenced by its recent acquisition of TransientX. Meanwhile, HCL announced a collaboration with Palo Alto Networks to offer managed SASE, cloud security, and threat detection and response for its customers.

Deloitte launches Zero Trust Access

Deloitte’s Zero Trust Access provides device-level security for enterprise data and enforces least privilege policies through dynamic access control to enterprise assets. It is cloud-native by design and aims to secure communications between users, devices, and enterprise applications.

Zero Trust Access can replace remote access solutions including virtual private network (VPN), virtual desktop infrastructure (VDI), and desktop-as-a-service (DaaS), potentially saving on infrastructure, operations and technology overhead. It is available as a standalone product, can be integrated with other Deloitte offerings, or as part of technologies from Deloitte’s alliances partner ecosystem.

HCL partners with Palo Alto Networks

In a similar development, HCL Technologies announced a new managed security offering in collaboration with Palo Alto Networks, focusing on zero trust principles.

The new services include:

  • HCL cloud defence service for cloud powered by Palo Alto Networks: Combines HCL’s cloud security-as-a-service (CSaaS) and its cloud work protection (CWP) with Palo Alto’s Prisma Cloud application protection platform into a single unified solution. 
  • HCL Incident Response (IR) service powered by Palo Alto Networks: Uses threat intelligence from Palo Alto’s Unit 42 to help contain and recover from incidents and breaches.
  • HCL managed Extended Detection and Response (XDR) powered by Palo Alto Networks: Uses Palo Alto’s machine learning-powered Cortex Platform for improved threat visibility, investigation, and detection.

Zero trust is big business

With many organisations pushing towards a zero trust security model, technology consulting and outsourcing firms are quickly looking to capitalise.

“Deloitte’s announcement reflects a recognition of the significant opportunity for helping clients to modernise aging security programs based on zero trust concepts,” said Gary McAlum, senior analyst at TAG Cyber. “Palo Alto’s partnership with HCL Technologies reinforces the security industry’s continued evolution to provide consolidated, one-stop-shop models for stronger cyber security.”

They aren’t alone either. Earlier this year, automated cyber security company Forescout Technologies announced it was expanding its Envision Channel partnership program to include Accenture.

Last month, IBM announced plans to acquire Randori, a leading attack surface management (ASM) and offensive cyber security provider.

Without a doubt, zero trust presents new challenges for organisations wanting to adopt this security model but it also provides a great opportunity for consultants and security companies to help with implementation and change management,” says McAlum. 

“Moving to a zero trust model is a heavy lift and a long journey for any organisation. It will require technology and architectural changes to be sure, but business processes will certainly be impacted and, in some cases, need to be redesigned.”