Trust has always been a bit of a tricky proposition. It’s safe to say that all of us, at some time in our lives, have been let down after placing our faith in someone. History is replete with examples of even the smartest individuals suffering the ill-effects of being too trusting. Certainly, Caesar saw no potential harm when Brutus invited him to meet a few of his poker buddies, and I’m sure more than a few Bernie Madoff clients felt a little sheepish after saying, “20% annual return? Sign me up.” Apparently, you can now add the government’s National Security Agency to the long list of those forced to deal with the ramifications of, shall we say, misplaced trust after they recently issued guidance urging owners of networks related to national security and critical infrastructure to adopt “zero trust” policies.
For those of you who haven’t been paying attention, in recent years, a couple of our “frenemies” have made some unauthorized incursions into the nation’s data vaults. No one is wearing a white dress to the party when it comes to covert operations. However, when you use your role as an uninvited guest to make off with security clearance information on millions of this country’s citizens or insert malicious code into commercially available software to take a romp through nine government agencies and more than 100 companies, you’ve probably overstepped your boundaries. It’s kind of like when your mom used to say, “It’s all fun and games until someone loses an eye” — only on a geopolitical scale.