[Info-vax] US Gov't "Zero Trust" Security Requirements
John Dallman
jgd at cix.co.uk
Wed Sep 21 09:01:00 EDT 2022
In article <tgevio$1qglo$1 at dont-email.me>,
clubley at remove_me.eisner.decus.org-Earth.UFP (Simon Clubley) wrote:
> Today's zero trust network is very different. Today, the assumption
> behind zero trust is that the internal network _has_ been compromised
> and that you still need to be able to operate your systems in such
> an environment.
The rise in compromises that necessitated this change of mindset seems to
have been largely due to the tendency of managers and salescreatures with
laptops to take them out of the office and get them infected with malware.
Then /targeted/ malware started being distributed via e-mail phishing. At
this point, a lot of IT departments' management concluded the secured
world of the past was no longer viable, except under very special
circumstances.
John
More information about the Info-vax
mailing list