Tech Time: Being negative for positive security

An introduction to zero-trust security architecture, its basic principles and what it means for credit unions

“Guilty until proven innocent.” Not a phrase one usually thinks of when discussing credit union cybersecurity practices, but those four words offer a simple introduction to the philosophy behind zero-trust architecture for information and technology security.

For our starting point, let’s look at the NIST definition of zero trust:

“Zero trust provides a collection of concepts and ideas designed to minimize uncertainty in enforcing accurate, least privilege per-request access decisions in information systems and services in the face of a network viewed as compromised.”

Zero-trust architecture is an enterprise’s cybersecurity plan that utilizes zero trust concepts and encompasses component relationships, workflow planning, and access policies.

Breaking down the above, let’s look at several aspects of what zero trust is and is not for the credit union.

 
