> Like they won’t get credit for knowing what a zero trust network is if they describe the concept in a way that regular people might understand.
I've been trying to get a definition of zero trust at $client from the security people who are pushing tools onto our platform, so we can have an honest conversation around threats and risks, and finding the best balance of tools, techniques and processes to achieve their desired outcomes.
Unfortunately, it seems like everybody just want "zero trust" because a vendor sold them on that idea and they gave money to the vendor, so now there's the need to justify that expense and "extract value" from the tool - even if it may in fact be worse than the controls that are already in place.
I've been trying to get a definition of zero trust at $client from the security people who are pushing tools onto our platform, so we can have an honest conversation around threats and risks, and finding the best balance of tools, techniques and processes to achieve their desired outcomes.
Unfortunately, it seems like everybody just want "zero trust" because a vendor sold them on that idea and they gave money to the vendor, so now there's the need to justify that expense and "extract value" from the tool - even if it may in fact be worse than the controls that are already in place.