"Symposium Charts Progress to Zero-Trust Cybersecurity"

In April 2023, over 1,300 cybersecurity professionals and experts convened virtually for the first Zero Trust Symposium. The event was sponsored and co-hosted by the MIT Lincoln Laboratory, the Defense Acquisition University (DAU), and the Zero Trust Portfolio Management Office of the Department of Defense (DoD). In cybersecurity, the concept of a zero trust framework has gained significant attention in recent years. Zero trust is the practice of never implicitly trusting a device or user, even if they are already within a network. In this framework, a user and their device are continuously monitored and are only permitted access to job-critical applications and data. Zero trust concepts represent a departure from traditional network security, which for years has regarded a network as a "castle and moat" where, once inside the moat, users are often granted wide-reaching access. The strategy puts organizations at risk from malicious insiders or accounts with compromised credentials. This type of vulnerability has enabled numerous high-profile data breaches, including the 2015 Office of Personnel Management breach in which 22.1 million government personnel records were stolen. This article continues to discuss the event on zero trust that emphasized cultural shifts needed to reach a new cybersecurity norm.

MIT Lincoln Laboratory reports "Symposium Charts Progress to Zero-Trust Cybersecurity"