In a remote world, a zero – trust revolution is needed

Last summer, law enforcement officials contacted both Apple and Meta, demanding customer data in “emergency data requests”. The companies complied. Unfortunately, the “officers” turned out to be hackers affiliated with a cyber-gang called “Recursion Team.”

About three years ago, the CEO of a UK – based energy company received a call from the CEO of a German parent company instructing him to wire a quarter of a million dollars to a Hungarian “supplier”. He complied. Unfortunately, the German “CEO” was a cybercrime using deepfake sound technology to destroy the other man ‘s voice.

One set of criminals was able to steal data, the other, money. And it was the cause of trust. The visitors themselves were the source of the victims’ information about which they were talking.

What is zero trust, exactly?

Zero trust is a security framework that does not rely on perimeter security. Perimeter security is the old and ubiquitous model that assumes that everyone and everything inside the company building and firewall is reliable. Security is achieved by keeping people outside the perimeter from entering.

A RA the phrase was coined by a doctoral student at the University of Stirling named Stephen Paul Marsh “zero trust” in 1994. (also known as “de-outline,the concept has been thoroughly expanded in guidelines such as Forrester eXtended, Gartners CARD and NIST 800-207.)

Perimeter security is obsolete for a number of reasons, but mainly due to the prevalence of remote work. Other reasons include: mobile computing, cloud computing and the increasing sophistication of cyberattacks, in general. And, of course, threats can come from within as well.

Copyright © 2022 IDG Communications, Inc.

In a remote world, a zero – trust revolution is needed

Source link In a remote world, a zero – trust revolution is needed

Back to top button