
The (Often Ignored) Fundamentals of Zero Trust

For all the grandiose terminology and technical challenges it poses, Zero Trust is a logical extension of cybersecurity concepts that have been around for decades.

In the past, we’ve highlighted elements of cyber hygiene that date all the way back to the original publication of ITIL in the 1980s. We’re not going quite that far back today—but there’s no doubt that Zero Trust stands on the shoulders of concepts that are far from new.

Start from the Beginning

The diagram below has been issued repeatedly by Gartner for years, and has remained largely unchanged since 2018:

[Figure: Risk Based Hierarchy - ZT]

Notice that “critical, cutting edge” tools—many of which rely on denylisting—are considered the least important factors in reducing cyber risk, while the basics are considered essential. These basics boil down to concepts that everybody in cybersecurity learns within their first year:

*** This is a Security Bloggers Network syndicated blog from Cimcor Blog authored by Lauren Yacono. Read the original post at: https://www.cimcor.com/blog/the-often-ignored-fundamentals-of-zero-trust