Your Users Aren’t the Weakest Link — They’re Integral to Your Security Program


As data breaches increase globally in both severity and frequency, business leaders are realizing that achieving better security outcomes requires a significant shift in the traditional mindset and approach.


It is all too easy to point to examples of massive cyberattacks in which malicious actors managed to move freely through internal systems once they gained access behind corporate firewalls. The traditional castle-and-moat approach to security quite simply isn’t up to the task of dealing with the current threat landscape.


This is a large part of the reason why resources such as Forrester’s “Zero Trust Security Playbook For 2019” are attracting so much attention. As a security concept, zero trust is based on the principle that organizations should never automatically trust anything inside or outside their perimeters. Instead, they must verify everyone and everything trying to connect to their systems before granting access.


When successfully implemented, the zero trust framework can be a positive step toward building resilience. However, beyond the difficulties involved in applying it to legacy systems, zero trust also shares one of the same shortcomings as the castle-and-moat approach: It relies on a duality of technology and architecture to achieve target security outcomes without really considering how the security framework fits into a wider organizational system of dynamic business interactions.


More importantly, the role of people — and particularly the role of the wider pool of nontechnical talent — isn’t considered relevant in the journey toward better securit ..
