Read the book Cyber Mayday and the Day After - Daniel Lohrmann - Page 23
The Double-Edged Sword of Zero Trust
CEOs and boards need to understand what zero trust is and how blindly adopting zero trust could stand in the way of effective incident response (IR) when cyber emergencies happen. The zero trust approach, by definition, is to “never trust, always verify.”
The concept is not about making a system or network trustworthy; it is about eliminating trust from the decision loop. While useful as a broad cybersecurity concept, boards and executives need to carefully appraise the risks that come with such an approach, especially if their cyber response playbooks require the use of a service, software update, or patch that cannot be verified quickly enough to contain the incident. It is often useful to identify these trade-offs early, as part of a risk-based approach, and to pre-verify the systems, vendors, or partners the playbooks depend on, so that they are already “verified” when such a situation arises.
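The following Python sketch is an added illustration of the pre-verification idea in the last sentence; it is not code from the book or from any product the author describes. The `PatchGate` class, its registry of pre-verified artifact digests, the pluggable `live_verifier` callable and the sample artifacts are all constructed for this example. It shows the two paths a response playbook can take when it needs to deploy a patch mid-incident: an instant, offline check against artifacts vetted ahead of time, versus a live “always verify” call that can time out exactly when containment is urgent.

```python
"""Emergency patch admission gate illustrating the zero-trust / IR trade-off.

Added illustration, not code from the book. Everything here is hypothetical:
the PatchGate class, its registry of pre-verified digests and the pluggable
live verifier are constructed for this example.
"""
import hashlib
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional


def sha256_hex(content: bytes) -> str:
    return hashlib.sha256(content).hexdigest()


@dataclass
class Decision:
    allowed: bool
    path: str    # "pre-verified", "live-verified" or "denied"
    reason: str


@dataclass
class PatchGate:
    # Digest -> label, filled in *before* an incident while there is time to vet
    # vendors and artifacts properly. Checking against it is local and instant.
    pre_verified: Dict[str, str] = field(default_factory=dict)
    # The slow "always verify" path (for instance a call out to a vendor's
    # signing service). It may be unreachable or time out during an emergency.
    live_verifier: Optional[Callable[[bytes], bool]] = None
    audit: List[dict] = field(default_factory=list)

    def preverify(self, label: str, content: bytes) -> str:
        """Record an artifact as vetted; done calmly, ahead of any incident."""
        digest = sha256_hex(content)
        self.pre_verified[digest] = label
        return digest

    def admit(self, content: bytes) -> Decision:
        """Decide whether an artifact may be deployed during incident response."""
        digest = sha256_hex(content)
        if digest in self.pre_verified:
            decision = Decision(True, "pre-verified",
                                f"matches pre-verified artifact '{self.pre_verified[digest]}'")
        elif self.live_verifier is None:
            decision = Decision(False, "denied",
                                "not pre-verified and no live verifier configured")
        else:
            try:
                ok = self.live_verifier(content)
                decision = Decision(ok, "live-verified" if ok else "denied",
                                    "live verifier returned " + str(ok))
            except TimeoutError as exc:
                # Zero trust without preparation: verification latency blocks containment.
                decision = Decision(False, "denied", f"live verification timed out: {exc}")
        # Every decision is logged so the trade-off is visible after the fact.
        self.audit.append({"sha256": digest, "allowed": decision.allowed,
                           "path": decision.path, "reason": decision.reason})
        return decision


def unreachable_verifier(_content: bytes) -> bool:
    """Constructed stand-in for a vendor verification service that is down."""
    raise TimeoutError("vendor signing service unreachable")


def demo() -> List[Decision]:
    """Walk through the three outcomes with constructed sample artifacts."""
    gate = PatchGate(live_verifier=unreachable_verifier)
    hotfix = b"constructed: EDR agent hotfix 1.2.3"        # vetted in advance
    unknown = b"constructed: never-seen-before update"     # not vetted
    gate.preverify("edr-agent-hotfix-1.2.3", hotfix)
    results = [gate.admit(hotfix), gate.admit(unknown)]
    # Same unknown artifact, but this time the live verifier is reachable.
    gate.live_verifier = lambda _c: True
    results.append(gate.admit(unknown))
    return results


if __name__ == "__main__":
    for d in demo():
        print(f"{'ALLOW' if d.allowed else 'DENY ':5} [{d.path}] {d.reason}")
```

The design point is that pre-verification does not weaken “never trust, always verify”: the unknown artifact is still denied when the verifier is unreachable, and every decision is written to the audit list. What preparation buys is that the artifacts the playbook is known to depend on were verified while there was time to do it properly, so their admission during an incident is a local digest comparison rather than a network round-trip that may never return.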