Tag: zero trust
-
RSAC 2025: Zero Trust To Give
Welcome to the Talk Page for Having Zero Trust to Give: What should have been next? You can find additional resources here! Abstract Zero Trust generally means either “Zero Trust Network Access,” now a decade old, or it’s a sign that a vendor’s marketing team is behind on the buzzword-washing their content. What should Zero Trust…
-
Handbook: Applying Zero Trust Principles in a Cloud-Centric World
Zero Trust … but to Which Cloud? In the cloud-centric world enterprises increasingly operate in, there are different interesting environments that zero trust principles should be applied to. One of them we’ve somewhat talked about the evolution of the enterprise IT network. That network is becoming more and more obsolete, slowly being replaced with different…
-
Handbook: Zero Trust Principles
In the 2010s, the cybersecurity community was introduced to the concept of zero trust, the idea that implicitly trusting remote systems might be a … bad idea. John Kindervagt coined the term while at Forrester Research, although practical applications were developed in parallel elsewhere. In response to the breaches from Operation Aurora, Google implemented its…
-
Zero Trust in Administration
CrowdStrike, Windows domain administration, SolarWinds — our implicit trust in admin software is a recipe for repeated disasters. The most unsafe part of our technology ecosystem isn’t the number of unpatched systems we have. Nor is it shadow IT, whether it’s homegrown software or the burgeoning bring-your-own-SaaS ecosystem. The shared responsibility model, and the impossible complexity of safely configuring systems…