Oh look Gartner with more "insight" on #zerotrust (even though they had nothing to do with it and literally laughed at myself and John Kindervag as we were developing the #framework). I sure as hell haven't seen any of their "visionaries" in my meetings with senior #dod leaders that are rolling out #zerotrust. Standby for their expensive paper you can pay to read about how #sase will save the world. #poundsand #getyourownideas https://lnkd.in/et8rTVWi
Dr. Chase Cunningham As zero trust matures it grows weaker and weaker "security." The inclusion of shared public clouds and Secure Access Service Edge is running on an untrusted third parties. The SoC can't even instrument the network nor most of the stack for read only security alerts. Who has your encryption keys or super keys? Who knows where and it will failover to another unknown location with unknown patch levels and firmware levels, who knows what dirty tenants are on the same hypervisor and disk and CPU? The Gartner slippery slope of non-zero trust being marketed as zero trust is weakening the foundation and value. Jumping on the bandwagon is both good and bad but if the actual security is important then zero trust in the shared public cloud is an oxymoron.
What blows my mind is the amount of people saying “it’s just a buzzword, let’s not talk about it or mention it because it’s way over used”….
It's scary to see how many executives still rely (and excessively pay) on research companies to get the latest 'holy grail' served.
This made me laugh. Visionaries…
John and yourself deserve the credit!! If you can't think of it...steal it....
Keeping receipts…better yet will they charge you to be referenced by name in those documents? 😂
! Not surprised !
These predictions are so vague that they are meaningless. And usually they apply to any type of project, initiative etc.
Thank you, @Chase. Dr. Chase Cunningham Roger
Cybersecurity Program Manager | CISM | Writer/Editor
3moTell us how you really feel, Dr. Chase Cunningham! I recall them muddying the water back in the day with CARTA and ZTNA too. Seemed like a not-so-veiled attempt to catch the zero trust wave for financial gain. BTW, it doesn't take a genius to opine that government lacks resources and funding to execute on all Executive Orders that come our way. Most are unfunded mandates. The people I work with are making risk-based decisions every day on how best to secure a complex environment with the resources they have AND not break the mission.