The Lockdown - Practical Privacy & Security

ZERO TRUST | FRIDAY FIELD NOTES

Ray Heffer Season 1

In this week’s FRIDAY FIELD NOTES, Ray Heffer discusses the Zero Trust security model, a framework that's revolutionizing how organizations protect their critical systems and data. Diving into the depths of cybersecurity, we clear up common myths and misinterpretations surrounding Zero Trust, illuminating its role as not just a defensive strategy but a comprehensive approach to modern threats.

Zero Trust operates on the principle of "never trust, always verify," but what does this mean in practice? Zero Trust doesn't just look outward; it recognizes that threats also come from the inside. By assuming that a breach is not just possible, but has already happened, Zero Trust strategies are uniquely positioned to mitigate damage by insiders, whether malicious or accidental.

Follow on Twitter (X): @privacypod
Support the show: https://www.patreon.com/TheLockdown

This episode was recorded on November 09, 2023

This week's episode:

  1. Introduction and Brill is living in a Faraday cage
  2. How we got to Zero Trust by understadning the Cyber Kill Chain
  3. The Principals of Zero Trust
  4. Recommended Zero Trust Frameworks

NIST Zero Trust Architecture (SP 800-207): https://csrc.nist.gov/pubs/sp/800/207/final
CISA Zero Trust Maturity Model: https://www.cisa.gov/zero-trust-maturity-model
Cyber Kill Chain: https://www.lockheedmartin.com/en-us/capabilities/cyber/cyber-kill-chain.html

Intro music: The Lockdown

"Security is always seen as too much until the day it is not enough." — William H. Webster