Forrester: Trust no one with IT security
16 September 2010 | 0
Forrester Research is to release a report, “Introducing the Zero-Trust Model of Information Network” in conjunction with its Security Forum event in Boston.
The report attempts to put an end to the oft-used description of an IT security strategy comprising a ‘crunchy outside’ and a ‘chewy centre’.
“We’ve built strong perimeters, but well-organised cybercriminals have recruited insiders and developed new attack methods that easily pierce our current security protections. To confront these new threats, information security professionals must eliminate the soft chewy centre by making security ubiquitous throughout the network, not just at the perimeter,” says the author John Kindervag.
The concept is similar to that espoused by the Jericho Forum, which pioneered the notion of “deperimiterisation” of the enterprise, with security focussed on the data itself, rather than just the walls of the organisations.
The insider threat has increasingly been grabbing headlines, with high profile cases including the arrests of former Sprint employees for allegedly collaborating on an identity theft scheme.