Security without trust
Trust in the context of computer networks refers to systems that allow people or other computers access with little or no verification of who they are and whether they are authorized to have access.
Zero Trust is a security model that takes for granted that threats are omnipresent inside and outside networks. Zero trust instead relies on continuous verification via information from multiple sources. In doing so, this approach assumes the inevitability of a data breach. Instead of focusing exclusively on preventing breaches, zero-trust security ensures instead that damage is limited, and that the system is resilient and can quickly recover.
Using the
public health analogy, a zero-trust approach to cybersecurity assumes that an infection is only a cough—or, in this case, a click—away, and focuses on building an immune system capable of dealing with whatever novel virus may come along. Put another way, instead of defending a castle, this model assumes that the invaders are already inside the walls.
It's not hard to see the benefits of the zero-trust model. If the Colonial Pipeline company had adopted it, for example, the ransomware attack would likely have failed and people wouldn't have been
panic-buying gasoline in recent days. And if zero-trust security were widespread, the ransomware epidemic would be a lot less biting.
