Security: Zero Trust Model for Cybersecurity

first_imgThe Zero Trust model is just that, no matter where access to a particular system is coming from, whether it is from inside or outside the perimeter of an organization, it should not be automatically trusted until it is verified.  The historical way security was implemented was like a castle and moat — security focused on the perimeter but assumed that anything inside and that had gotten past the external line of defense was okay.Charlie Gero, CTO at Akamai, said that “the strategy around Zero Trust boils down to don’t trust anyone. We’re talking about, ‘Let’s cut off all access until the network knows who you are. Don’t allow access to IP addresses, machines, etc. until you know who that user is and whether they’re authorized.”Jeff Pollard, analyst at Forrester, said that “the reason why we rely on the idea of zero trust is because it solves the problem of the disappearing perimeter. Your users don’t work from the places they used to work. Your systems aren’t spun up in the way they used to be spun up. [With zero trust], you move from implicit permission to explicit permission.” Chase Cunningham, analyst at Forrester Research, said that “people buy technology and Frankenstein it together and think if they keep throwing tech at the issue they will get it right. The reality of it is, when I ask them ‘What is your strategy?’ most of them don’t even have an answer.”last_img

Leave a Reply

Your email address will not be published. Required fields are marked *