Story excerpt provided by National Defense
It’s hard to have a conversation about cybersecurity these days without hearing about “zero trust,” a cybersecurity design philosophy that, although conceptualized over a decade ago, has reemerged as contemporary wisdom among security practitioners in both government and industry.
Zero trust has risen to prominence in the post-COVID world in part because, as a security engineering paradigm, it addresses the reality that corporate resources have moved to the cloud and users access them from anywhere, whether that’s at the office, home, or Starbucks.
For defense contractors preparing for the Cybersecurity Maturity Model Certification (CMMC) — many of them facing an uphill battle after chronic underinvestment in IT and security — zero-trust concepts may hold the key to fast-tracking the implementation of technical requirements for protecting controlled unclassified information (CUI).
Originally published July 16, 2021.