I’ve mentioned my involvement with the Jericho Forum before. Now that I’ve had almost 15 years to think about de-perimeterisation and the zero-trust approach, I think we missed the need for constant threat hunting within the network. It’s not enough to ‘verify, then trust’ the people, devices and network connections; we also need to ‘verify, and block’ anything that doesn’t pass muster:
[…] ZTA seems like a logical progression from perimeter security, just as smartphones became a logical progression of the landline. As is true with the adoption of any new technology, the story is as much about components and peripherals as it is about the psychosocial constructs behind the design principles. To psychoanalyze ZTA is to understand the root of trust. To trust is human and develops at infancy, so when humans first designed network security, it made sense that they would draw on relationships of trust to create a perimeter that created a big zone where everyone and everything were trusted and had access to each other. Beating cybercrime and working in an interconnected world, however, calls for a paradigm of mistrust. ZTA characterizes mistrust as a positive quality that makes computer sense in the global landscape of machine learning.
The notion of zero trust has undulated within the security community since the Jericho Forum published its vision on the topic in 2005. After more than 2,500 cyberattacks hit NATO in 2012, the U.S. federal government urged federal agencies to adopt the zero-trust model. In 2015, the government sounded the alarm again after the largest data breach of federal employee data.
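To make the ‘verify, then trust’ versus ‘verify, and block’ distinction above concrete, here is an added example (mine, not from the post or any Jericho Forum material): a one-time login gate beside a per-request policy that re-checks device posture and revokes the session on the first failure. The user, device and resource names are constructed.

```python
# Added example (not from the post): one-time gate vs per-request policy.
# Identities, device posture and resource names are constructed sample values.
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Posture:
    """Device state as observed at a given moment."""
    device_id: str
    managed: bool   # endpoint agent present and reporting
    patched: bool   # no missing critical patches


@dataclass
class Session:
    user: str
    mfa_ok: bool
    login_posture: Posture
    revoked: bool = False
    events: list = field(default_factory=list)  # feed for threat hunting


def posture_ok(mfa_ok: bool, p: Posture) -> bool:
    return mfa_ok and p.managed and p.patched


def authorize_once(s: Session, requests):
    """'Verify, then trust': check at login, then allow every later request."""
    if not posture_ok(s.mfa_ok, s.login_posture):
        return []
    return [resource for resource, _ in requests]


def authorize_continuously(s: Session, requests):
    """'Verify, and block': re-check the posture seen with each request and
    revoke the session on the first failure, recording an event to hunt on."""
    allowed = []
    for resource, posture_now in requests:
        if s.revoked:
            s.events.append(f"deny {resource}: session revoked")
        elif not posture_ok(s.mfa_ok, posture_now):
            s.revoked = True
            s.events.append(f"block {resource}: {posture_now.device_id} failed posture")
        else:
            allowed.append(resource)
    return allowed


def demo():
    good = Posture("laptop-42", managed=True, patched=True)
    agent_gone = Posture("laptop-42", managed=False, patched=True)  # agent removed mid-session
    requests = [("mail", good), ("hr-db", agent_gone), ("payroll", good)]
    once = authorize_once(Session("alice", True, good), requests)
    cont = Session("alice", True, good)
    return once, authorize_continuously(cont, requests), cont.events
```

Note that the third request is denied even though posture looks healthy again: once revoked, the session must re-authenticate, and the two recorded events are what a hunter would query for.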