The cloud represents many inversions: from one data center to many centers of data, from applications and data and workers on the inside to the outside, from security departments approving everything to departments being bypassed. Security controls built for earlier eras are blind to today’s traffic; security practices designed in earlier eras are ineffective with today’s architectures. Legacy network security models assume a rigid perimeter and implicitly trust everything inside—assumptions that leave you vulnerable when the internet replaces the LAN.
A new model is required, one with an inversion of its own: from trust but verify to verify then trust. Zero trust might be a useful starting point, but ultimately some trust must be extended or else nothing happens. Context-aware continuous adaptive trust offers much more flexibility than simple binary allow-or-block decisions. Context can change, so it should be continuously evaluated, which might require adapting the level of trust.
By balancing trust against risk, you can match the type of access to the value of protected assets in real time. You’ll shrink attack surfaces, limit blast radiuses, constrain lateral movement, and respond to threats with greater speed and accuracy.
Want to be secure and get work done? Step out of the moat: context is the new perimeter.