Putting the Zero Back Into Zero-Trust – Sharon Goldberg – ESW #263
We'll cover the cutting-edge recommendations in the US federal government's January 2022 memo on its "transition to zero trust". Then we'll talk about what the standard definition of "zero-trust" means in our industry, and why it doesn't mean "trust zero things". Finally, we'll chat about architectures that can get us closer to actually trusting zero things.
Segment Resources:
Analysis of the federal government's zero trust memo:
https://www.bastionzero.com/blog/i-read-the-federal-governments-zero-trust-memo-so-you-dont-have-to
https://www.bastionzero.com/blog/bashing-vpns-for-fun-and-profit
Zero trust security models:
https://docs.bastionzero.com/product-docs/home/security-model
Guest

Dr. Sharon Goldberg is the CEO and cofounder of BastionZero, an infrastructure cybersecurity startup, and a tenured computer science professor at Boston University. She has taught courses in cybersecurity for over a decade and has published over 30 peer-reviewed research papers on infrastructure security and cryptography. She is a contributor to the security of BGP, NTP, DNS, Bitcoin, Ethereum and IETF cryptography standards, and is an author of the 2015 attacks on NTP. Lately, she spends most of her time thinking about zero trust, bastion hosts and why perimeter VPNs are just not a good idea.