Zero Trust sounds impressive and futuristic, but it isn't really a new concept — and what does it actually mean? It is not that different from past trust models such as Trust But Verify and Least Privilege.
Zero Trust sounds impressive and futuristic, but it isn't really a new concept — and what does it actually mean? It is not that different from past trust models such as Trust But Verify and Least Privilege.
So, here we are once again, stating the obvious: if we don't think differently about the problems we face, we're not going to be able to solve them.
Security practitioners and managers are bombarded by marketing messages that require decoding and interpretation, and how to make a decision is more than a matter of trust v literally. Do they listen to analysts, vendors, auditors, their peers, or their gut?
Security professionals and their teams are expected to keep up with the changes as new industry reports come out and new technologies are brought to market. Still, they are often forced to continuously think differently about the problems they face in a confusing, distracting, and counterproductive way. This is simply not good for our industry nor our businesses' security.
In today's episode, we muse and question the status quo that has characterized our industry for the past 20 years. We go beyond this debate and beyond the Zero Trust concept to look at how organizations should evaluate not just their tech stack but also their teams, operations, and processes. We reflect on where trust fits in, how it plays a crucial role in a security program, and why it isn't binary in nature.
Yes, you must think differently, but it's not a good idea to rely on others to think differently for you. Think for yourself and your organization — as you are the one that knows what matters the most for your business.
Then, put your thinking cap on and enjoy this episode of Redefining Security.
"You have this perfect plan, but then you hit the real world and no plan survives contact with the enemy." —Dr. Zulfikar Ramzan
"Why do we keep doing this? We continue to chase technology. Why do we not think about the human? Why do we think about the process and procedures? Zero Trust would be great if we could actually know where the hell all the data was inside an environment." —Chris Roberts
"We are our own worst enemy. We produce something that is beautiful in our head, but it doesn't work in practice." —Francesco Cipollone
"We're always looking for the easy button as an industry and then blame vendors when they buy the easy button and it doesn't work." —Siân John
Guest(s)
Siân John | Zulfikar Ramzan | Chris Roberts | Francesco Cipollone
This Episode’s Sponsors:
Nintex: https://itspm.ag/itspntweb
To see and hear more Redefining Security content on ITSPmagazine, visit:
https://www.itspmagazine.com/redefining-security
Are you interested in sponsoring an ITSPmagazine Channel?
https://www.itspmagazine.com/podcast-series-sponsorships