In this week’s FRIDAY FIELD NOTES, Ray discusses the Zero Trust security model, a framework that’s revolutionizing how organizations protect their critical systems and data. Diving into the depths of cybersecurity, we clear up common myths and misinterpretations surrounding Zero Trust, illuminating its role as not just a defensive strategy but a comprehensive approach to modern threats.

Zero Trust operates on the principle of “never trust, always verify,” but what does this mean in practice? Zero Trust doesn’t just look outward; it recognizes that threats also come from the inside. By assuming that a breach is not just possible, but has already happened, Zero Trust strategies are uniquely positioned to mitigate damage by insiders, whether malicious or accidental.

This episode was recorded on November 9th, 2023

This week’s episode:

1. Introduction and Brill is living in a Faraday cage
2. How we got to Zero Trust by understadning the Cyber Kill Chain
3. The Principals of Zero Trust
4. Recommended Zero Trust Frameworks

Show Links

• NIST Zero Trust Architecture (SP 800-207)
• CISA Zero Trust Maturity Model
• Cyber Kill Chain

“Security is always seen as too much until the day it is not enough.”

— William H. Webster

Intro music: The Lockdown by Ray