Changes

Jump to navigation Jump to search
no edit summary
Line 54: Line 54:     
   <h2>Business Brief</h2>
 
   <h2>Business Brief</h2>
  −
  <p class="expand mw-collapsible-content">Hidden</p>
      
   <p>Zero Trust Networking (ZTN) refers to a data networking architecture model first named by John Kindervag of Forrester in 2010, many parts of which have been in use for some years. The total cost of cybercrime (direct impact, but also mitigation) is expected to ramp up from USD3 trillion in 2015 to USD5 trillion by 2020. Most current approaches to data-, information-, and network security revolve around perimeter defense, also known as the castle and moat model. In this model, the outer perimeter of the organization is defended (as in the moat of the castle), with data allowed in/out through a very limited set of points (the drawbridge of the castle) that are implemented as inbound and outbound firewalls. The assumption (which used to be valid) is that threat actors are on the outside, while those on the inside of the perimeter can be trusted.</p>
 
   <p>Zero Trust Networking (ZTN) refers to a data networking architecture model first named by John Kindervag of Forrester in 2010, many parts of which have been in use for some years. The total cost of cybercrime (direct impact, but also mitigation) is expected to ramp up from USD3 trillion in 2015 to USD5 trillion by 2020. Most current approaches to data-, information-, and network security revolve around perimeter defense, also known as the castle and moat model. In this model, the outer perimeter of the organization is defended (as in the moat of the castle), with data allowed in/out through a very limited set of points (the drawbridge of the castle) that are implemented as inbound and outbound firewalls. The assumption (which used to be valid) is that threat actors are on the outside, while those on the inside of the perimeter can be trusted.</p>
Line 138: Line 136:     
   <p>Lastly, consideration must be given to extending the current identity management infrastructure (ICM and ECM) so that devices and processes become identified actors in the broad sense within SSC, and their permissions, access and activities are appropriately managed and logged.</p>
 
   <p>Lastly, consideration must be given to extending the current identity management infrastructure (ICM and ECM) so that devices and processes become identified actors in the broad sense within SSC, and their permissions, access and activities are appropriately managed and logged.</p>
 +
 +
  <p class="expand mw-collapsible-content">Hidden</p>
    
</div>
 
</div>

Navigation menu

GCwiki