It seems that the term “zero-trust” is emerging as the latest buzzword in network security and cybersecurity communities. To explain it, one can look to the Days of Antiquity, at the height of the Roman Empire when its borders encompassed most of Europe, Northeast Africa and the Middle East. Much of the early years of the Empire was focused on what was known as “Preclusive Security” which was an expansionist approach of fighting opponents either in their own lands or at a heavily fortified border.
The problem was that as the Empire expanded, so did its borders, which increasingly proved difficult to staff and resupply with loyal legionnaires, and ultimately became significantly harder to defend. Once invaders like Attila the Hun were able to breach the heavily guarded border, there was little that stood in their way from nearly capturing both Constantinople and Rome.
These challenges associated with the ever-sprawling border precipitated a shift in the Empire’s strategy to what’s called “defense-in-depth,” which established a series of lightly-defended sentry posts at the borders instead of heavily fortified outposts.
While the border may not have been hardened any longer, the sentry posts served as the eyes and ears of the Empire. In the event of an enemy invasion, instead of holding their ground and fighting their opponents at the border, sentries retreated to reinforced positions within their own territory for a better chance to repel invaders.
Fast Forward Two Millenia
In the 1980s and beyond, we began applying this same defense-in-depth philosophy to our IT networks, layering protection and redundancies to reduce vulnerabilities, instead of a hardened border. In “those days of antiquity” with .rhosts files and unencrypted telnet protocols, often simply penetrating the firewall could lead to a total compromise of an e ..
Support the originator by clicking the read the rest link below.
