RANT Radio: Zero Trust
Zero Trust: Improve security, by trusting no one? Zero trust promises a radical new way to handle identity and security. Strengthening perimeters only goes so far. At some point, there will be a breach. Once the attacker is in the damage is done: it’s all too easy to compromise systems or steal data. With zero trust everything, and everyone, is untrusted until it’s proven otherwise. Zero trust promises to stop hackers using privilege escalation or lateral moves to press home their attacks. It would, its advocates say, have blocked many high-profile breaches. That, at least, is the theory. But zero trust is not a tool a CISO can just deploy. It’s often described as a journey or a process. Certainly, it is a new way of thinking. How can that thinking turn into better security?