2022 Zero Trust Summit , Events

Zero Trust and the Dangers of the Implicit Trust

Zero Trust and the Dangers of the Implicit Trust
The tenets of zero trust are well defined in NIST SP 800-207, but have many architects truly taken them on-board? Are we exhibiting a familiarity bias: over-trusting certain mechanisms and failing to properly ascertain their trustability, as we are required to? Are we ignoring others, which provide useful evidence of trustability? Are we looking too much at the actual network we are trying to protect, and disregarding unmanaged devices, IoT/OT/ICS, BYOD? Is EDR, as is mandated by EO M-22-01, the right approach, or an initial step on the road? How do we expect our adversaries to behave, and how do we counter that threat in the way we architect our zero trust environments?


Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cybered.io, you agree to our use of cookies.