Deloitte's new Zero Trust Access service and HCL's collaboration with Palo Alto Networks mark a sustained trend towards offering Zero Trust security services for clients. Credit: iStock Within a day of each other, the consulting and outsourcing firms Deloitte and HCL Technologies have both launched new managed cybersecurity services, as consultants look to capitalize on the growing appetite for the Zero Trust security model.On Tuesday, Deloitte unveiled its Zero Trust Access managed service, which is heavily influenced by its recent acquisition of TransientX. Then, on Wednesday, HCL announced a collaboration with Palo Alto Networks to offer managed SASE, cloud security, and threat detection and response for its customers.Deloitte launches Zero Trust AccessDeloitte’s Zero Trust Access provides device-level security for enterprise data and enforces least privilege policies through dynamic access control to enterprise assets. It is cloud-native by design and aims to secure communications between users, devices, and enterprise applications.Zero Trust Access can replace remote access solutions including virtual private network (VPN), virtual desktop infrastructure (VDI), and desktop as a service (DaaS), potentially saving on infrastructure, operations and technology overhead. It is available as a standalone product, can be integrated with other Deloitte offerings, or as part of technologies from Deloitte’s alliances partner ecosystem. HCL partners with Palo Alto NetworksIn a similar development, HCL Technologies announced a new managed security offering in collaboration with Palo Alto Networks, focusing on Zero Trust principles.The new services include: HCL cloud defense service for cloud powered by Palo Alto Networks: Combines HCL’s cloud security-as-a-service (CSaaS) and its cloud work protection (CWP) with Palo Alto’s Prisma Cloud application protection platform into a single unified solution. HCL Incident Response (IR) service powered by Palo Alto Networks: Uses threat intelligence from Palo Alto’s Unit 42 to help contain and recover from incidents and breaches.HCL managed Extended Detection and Response (XDR) powered by Palo Alto Networks: Uses Palo Alto’s machine learning-powered Cortex Platform for improved threat visibility, investigation, and detection.Zero Trust is big businessWith many organizations pushing towards a Zero Trust security model, technology consulting and outsourcing firms are quickly looking to capitalize.“Deloitte’s announcement reflects a recognition of the significant opportunity for helping clients to modernize aging security programs based on Zero Trust concepts,” says Gary McAlum, senior analyst at TAG Cyber. “Palo Alto’s partnership with HCL Technologies reinforces the security industry’s continued evolution to provide consolidated, one-stop-shop models for stronger cybersecurity.”They aren’t alone either. Earlier this year, automated cybersecurity company Forescout Technologies announced it was expanding its Envision Channel partnership program to include Accenture. Last month, IBM announced plans to acquire Randori, a leading attack surface management (ASM) and offensive cybersecurity provider. “Without a doubt, Zero Trust presents new challenges for organizations wanting to adopt this security model but it also provides a great opportunity for consultants and security companies to help with implementation and change management,” says McAlum. “Moving to a Zero Trust model is a heavy lift and a long journey for any organization. It will require technology and architectural changes to be sure, but business processes will certainly be impacted and, in some cases, need to be redesigned.” Related content news analysis Water system attacks spark calls for cybersecurity regulation The Iranian CyberAv3ngers group’s simplistic exploitation of Unitronics PLCs highlights the cybersecurity weaknesses in US water utilities, the need to get devices disconnected from the internet, and renewed interest in regulation. By Cynthia Brumfield Dec 11, 2023 11 mins Regulation Cyberattacks Critical Infrastructure feature Accenture takes an industrialized approach to safeguarding its cloud controls Security was once a hindrance for Accenture developers. But since centralizing the company's compliance controls, the process has never been simpler. By Aimee Chanthadavong Dec 11, 2023 8 mins Application Security Cloud Security Compliance news analysis LogoFAIL attack can inject malware in the firmware of many computers Researchers have shown how attackers can deliver malicious code into the UEFI of many PCs though BIOS splash screen graphics. By Lucian Constantin Dec 08, 2023 8 mins Malware Vulnerabilities news Google expands minimum security guidelines for third-party vendors Google's updated Minimum Viable Secure Product (MVSP) program offers advice for working with researchers and warns against vendors charging extra for basic security features. By John P. Mello Jr. Dec 08, 2023 4 mins Application Security Supply Chain Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe