Supply Chain as Kill Chain Security in the Era of Zero Trust
|Zero Trust is an “always-on everywhere” approach to security. It is a contrast to traditional legacy trust models in which security is “sometimes present in some cases.” Legacy trust models were a low-cost, high-value approach to increasing an attacker’s efforts, but in an era of attacker automation and supply chain compromise, that is no longer true. Legacy trust models are broken by this combination of automation and supply chain attack.
There are three main takeaways from this discussion on Zero Trust:
• Zero Trust highlights sources of low-credibility data, providing insights on where investment can reduce automation costs and labor.
• By knowing the identity risk of internal, external, human, and device resources, “internal” and “external” data supply chains can be handled identically and transparently.
• Zero Trust can secure gaps that can be found in omnichannel and next-generation retail.