Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Caute_cautim
Community Champion
‎09-12-2021 05:09 AM
‎09-12-2021 05:09 AM

What does industry think about Zero Trust?

Hi All

 

So what does industry really think about Zero Trust? 

 

What do you think?

 

https://www.cyberbitsetc.org/post/what-does-business-community-think-about-zero-trust-5-simple-facts

 

Regards

 

Caute_Cautim

Reply
0 Kudos
6 Replies
Until_then
Contributor I
‎09-13-2021 05:46 PM
‎09-13-2021 05:46 PM

Nothing wrong with Zero Trust as long as you can execute whatever your business function is. With Zero Trust, it's just another layer of added security for identity/authentication management. With the amount of attacks going on, anything to reduce the attack surface is great as long as it doesn't interfere with your mission.
Reply
Until_then
Contributor I
‎09-13-2021 05:59 PM
‎09-13-2021 05:59 PM

NIST SP 800-207 provides for a good read on Zero Trust Architecture (ZTA): https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-207.pdf
Reply
0 Kudos
Caute_cautim
Community Champion
‎09-13-2021 07:23 PM
‎09-13-2021 07:23 PM

@Until_thenI would also suggest the DoD Zero Trust reference architecture too.

 

https://www.nextgov.com/cybersecurity/2021/05/disa-releases-initial-zero-trust-reference-architectur...

 

A great reference to get you going.

 

Regards

 

Caute_Cautim

Reply
csjohnng
Community Champion
‎09-14-2021 04:12 AM
‎09-14-2021 04:12 AM

Actually I am going to write a paper regarding ZTA for my final project for one of my courses   

 

@Until_then 

NIST SP 800-207 does provide good reference and concept and it's a recently good reference for ZTA which is a planned key reference for my paper  

 

@Caute_cautim 

Good to know the DoD released the initial version of ZTA, just glance the TOC, definitely good input and reference for my term paper.

 

Thanks 

John
Reply
Caute_cautim
Community Champion
‎10-08-2021 12:43 AM
‎10-08-2021 12:43 AM

@csjohnng 

 

There is a great deal of mystique surrounding Zero Trust Architecture, it is definitely a well worth journey to undertake, however, technology vendors seem to think they can ram everything into a solution, and it will work.

 

This is not the case, it needs support from the top of the organisation, there is some very cool technology around, but they turn out to be a platform, some of which have been built from the ground up, and others which are based on legacy ideas, and approaches. 

 

It really needs the C-Suite to think laterally rather than in a linear fashion.  Today, is definitely the world of hypothesis, now go and test it, and if it fails it was wrong or the expectations were incorrect. The world of fail fast, and success quickly is upon us.  Time is money, after all.  

 

The best way to get into it is to prioritise the business problems, and take use case, and apply it, and monitor the benefits for the best impact and success.  For instance getting rid of VPN's and remote access is a use case to pursue, given the attacks on such systems these days.   The traditional networks are on the way out, Softward Defined Networks are definitely on the rise.

 

Regards

 

Caute_cautim

Reply
0 Kudos
csjohnng
Community Champion
‎10-08-2021 09:04 AM
‎10-08-2021 09:04 AM

@Caute_cautim 

Yes definitely mystique and worth taking.

I have finished my piece of work 2 weeks ago and got grade as well.

 

I did not realise the term Zero trust is coined 10 year ago.

it's important for the C-Suite to think carefully and we really should ask ourself and continue challenge ourself.

What is "norm" today will no longer norm tomorrow. The only way to test is think bold, valid the hypothesis carefully.

John
Reply