The article below was written by Darren Death, an instructor for IWP’s Cyber Intelligence Initiative.
“Zero trust” has gained a lot of attention, and for good reason. Information security architectures have struggled to keep pace with the threat landscape and have not supplied organizations with a successful mechanism to protect itself from external and internal threats. This assertion is well supported by the reports of organizations across industry sectors being breached on a regular basis. These reports tell us that what we have been doing is not working and we need a fresh approach to the problem of information security. Zero trust provides a new way to approach and handle these threats through a holistic approach that does not innately trust any part of the data flow from the end user to where the data resides on its host information system.