There’s a common theme among the last couple of posts on here: first, I ranted about SANS new Securing the Human program, and then Josh got all ranty about Forrester’s “Zero Trust Model”.   Here’s the thing – my biggest frustration with both of these “innovations” in our industry is that they’re nothing new.  Both SANS and Forrester are reinventing the wheel and running around claiming it to be something new. To wit – let’s take a quick Back-to-the-Future gander …

Read more »

At long last, we have been presented with the Holy Grail of information security management and protection strategies. Forrester Research recently declared the Zero Trust Model (http://goo.gl/PT348) that aims to fix the current – broken – model in terms of inherent trust levels, which areas of the network should be protected and from which perspective. In all seriousness, this is a step in the right direction which is only becoming relevant now because of recent advances in various security technologies …

Read more »