The concept of zero trust for securing information networks is gaining popularity. The zero-trust architecture is a powerful tool that helps security professionals determine optimal ways to design security controls for their networks. However, industrial control system (ICS) and critical infrastructure networks have important differences from IT networks and require ICS security professionals to reformulate the IT zero-trust approach—particularly regarding the decision of where to encrypt traffic and at what point that end-to-end encryption hurts the availability of protection and control devices.
Trust underpins all security—rather than excluding trust, we should incorporate the notion into the calculus of network security for the best results. Therefore, when applying zero trust to a network, security professionals should continually evaluate these questions: What do I trust? Why do I trust it? When should I no longer trust it?
During this webinar, the presenters share their thoughts and expertise on: