Consulting firms jump on the Zero Trust bandwagon

Within a day of each other, the consulting and outsourcing firms Deloitte and HCL Technologies have both launched new managed cybersecurity services, as consultants look to capitalize on the growing appetite for the Zero Trust security model.

On Tuesday, Deloitte unveiled its Zero Trust Access managed service, which is heavily influenced by its recent acquisition of TransientX. Then, on Wednesday, HCL announced a collaboration with Palo Alto Networks to offer managed SASE, cloud security, and threat detection and response for its customers.

Deloitte launches Zero Trust Access

Deloitte’s Zero Trust Access provides device-level security for enterprise data and enforces least privilege policies through dynamic access control to enterprise assets. It is cloud-native by design and aims to secure communications between users, devices, and enterprise applications.

Zero Trust Access can replace remote access solutions including virtual private network (VPN), virtual desktop infrastructure (VDI), and desktop as a service (DaaS), potentially saving on infrastructure, operations and technology overhead. It is available as a standalone product, can be integrated with other Deloitte offerings, or as part of technologies from Deloitte’s alliances partner ecosystem.

HCL partners with Palo Alto Networks

In a similar development, HCL Technologies announced a new managed security offering in collaboration with Palo Alto Networks, focusing on Zero Trust principles.

The new services include:

  • HCL cloud defense service for cloud powered by Palo Alto Networks: Combines HCL’s cloud security-as-a-service (CSaaS) and its cloud work protection (CWP) with Palo Alto’s Prisma Cloud application protection platform into a single unified solution. 
  • HCL Incident Response (IR) service powered by Palo Alto Networks: Uses threat intelligence from Palo Alto’s Unit 42 to help contain and recover from incidents and breaches.
  • HCL managed Extended Detection and Response (XDR) powered by Palo Alto Networks: Uses Palo Alto’s machine learning-powered Cortex Platform for improved threat visibility, investigation, and detection.

Zero Trust is big business

With many organizations pushing towards a Zero Trust security model, technology consulting and outsourcing firms are quickly looking to capitalize.

“Deloitte’s announcement reflects a recognition of the significant opportunity for helping clients to modernize aging security programs based on Zero Trust concepts,” says Gary McAlum, senior analyst at TAG Cyber. “Palo Alto’s partnership with HCL Technologies reinforces the security industry’s continued evolution to provide consolidated, one-stop-shop models for stronger cybersecurity.”

They aren’t alone either. Earlier this year, automated cybersecurity company Forescout Technologies announced it was expanding its Envision Channel partnership program to include Accenture. Last month, IBM announced plans to acquire Randori, a leading attack surface management (ASM) and offensive cybersecurity provider. 

Without a doubt, Zero Trust presents new challenges for organizations wanting to adopt this security model but it also provides a great opportunity for consultants and security companies to help with implementation and change management,” says McAlum. “Moving to a Zero Trust model is a heavy lift and a long journey for any organization. It will require technology and architectural changes to be sure, but business processes will certainly be impacted and, in some cases, need to be redesigned.”