512
edits
Changes
Jump to navigation
Jump to search
Line 54:
Line 54: − − <p class="expand mw-collapsible-content">Hidden</p> Line 138:
Line 136: + +
Technology Trends/Zero Trust Network (view source)
Revision as of 12:30, 5 July 2019
, 12:30, 5 July 2019no edit summary
<h2>Business Brief</h2>
<h2>Business Brief</h2>
<p>Zero Trust Networking (ZTN) refers to a data networking architecture model first named by John Kindervag of Forrester in 2010, many parts of which have been in use for some years. The total cost of cybercrime (direct impact, but also mitigation) is expected to ramp up from USD3 trillion in 2015 to USD5 trillion by 2020. Most current approaches to data-, information-, and network security revolve around perimeter defense, also known as the castle and moat model. In this model, the outer perimeter of the organization is defended (as in the moat of the castle), with data allowed in/out through a very limited set of points (the drawbridge of the castle) that are implemented as inbound and outbound firewalls. The assumption (which used to be valid) is that threat actors are on the outside, while those on the inside of the perimeter can be trusted.</p>
<p>Zero Trust Networking (ZTN) refers to a data networking architecture model first named by John Kindervag of Forrester in 2010, many parts of which have been in use for some years. The total cost of cybercrime (direct impact, but also mitigation) is expected to ramp up from USD3 trillion in 2015 to USD5 trillion by 2020. Most current approaches to data-, information-, and network security revolve around perimeter defense, also known as the castle and moat model. In this model, the outer perimeter of the organization is defended (as in the moat of the castle), with data allowed in/out through a very limited set of points (the drawbridge of the castle) that are implemented as inbound and outbound firewalls. The assumption (which used to be valid) is that threat actors are on the outside, while those on the inside of the perimeter can be trusted.</p>
<p>Lastly, consideration must be given to extending the current identity management infrastructure (ICM and ECM) so that devices and processes become identified actors in the broad sense within SSC, and their permissions, access and activities are appropriately managed and logged.</p>
<p>Lastly, consideration must be given to extending the current identity management infrastructure (ICM and ECM) so that devices and processes become identified actors in the broad sense within SSC, and their permissions, access and activities are appropriately managed and logged.</p>
<p class="expand mw-collapsible-content">Hidden</p>
</div>
</div>
