Why Read This
There's an old saying in information security: "We want our network to be like an M&M, with a hard crunchy outside and a soft chewy center." For a generation of information security professionals, this was the motto we grew up with. It was a motto based on trust and the assumption that malicious individuals wouldn't get past the "hard crunchy outside." In today's new threat landscape, this is no longer an effective way of enforcing security. Once an attacker gets past the shell, he has access to all the resources in our network. We've built strong perimeters, but well-organized cybercriminals have recruited insiders and developed new attack methods that easily pierce our current security protections. To confront these new threats, information security professionals must eliminate the soft chewy center by making security ubiquitous throughout the network, not just at the perimeter. To help security professionals do this effectively, Forrester has developed a new model for information security, called Zero Trust. This report will explain the vision and introduce the necessity and key concepts of the Zero Trust Model to security and risk (S&R) leaders responsible for their organization's security architecture and operations.
Tags: Financial Services, Fraud Management, Governance, Risk, & Compliance, Identity & Access Management (IAM), Infrastructure Security, IT Infrastructure & Operations, Network Access Control (NAC), Network Management, Network Security, Networking, Security Information & Event Management, Security Operations, Security, Risk and Compliance, Technology, Vulnerability & Threat Management