undefined | Better HN

0 pointssugarpimpdorsey7mo ago0 comments

It's 2025, it's all about zero-trust now. Can't be inside the security perimeter when there is no security perimeter.

Hiring mischievous North Koreans is fully in line with your CIO's new priorities, which she heard about at a conference once.

0 comments

kibwen7mo ago

The reason that North Korea targets IT roles in particular is precisely because they're the weak link in zero-trust implementations. Someone, somewhere, has the unfettered rights to access the production database, and they're in the IT department.

mgiampapa7mo ago

If not production, they can usually read all the backups, DR systems, logging telemetry, legal discovery systems etc...

freedomben7mo ago

Zero trust doesn't do anything for you when you give the person a legitimate account with access, which presumably you must do for employees else they can't typically do any work

j / k navigate · click thread line to collapse