Zero Trust : Origins

Let’s take a walk on memory lane…

The concept that eventually became zero trust predates the term by more than a decade. The Defense Information Systems Agency, working on what it called the “black core” initiative, proposed moving from perimeter-based security to one focused on the security of individual transactions. The Jericho Forum’s 2004 work on de-perimeterization made the same argument publicly: that relying on a single, static defense over a large network segment was structurally insufficient, and that implicit trust granted by virtue of network location was a liability rather than a feature. John Kindervag, then at John Kindervag,, synthesized these ideas into the term “zero trust” and argued that the fundamental assumption of the perimeter model — that the inside of a network can be treated as safe — was not merely impractical but categorically wrong.

Read the full article on Medium: https://medium.com/@paulvolosen/in-the-insecure-age-of-ai-zero-trust-is-all-you-need-5eaf3a8f3203

Paul Volosen, Chief Security Architect