|
|
|
|
|
|
by NegativeK
806 days ago
|
|
|
I don't think this tech is targeting TS/SCI data. > If the data should never go out, the network should be physically separated and isolated at physical level, from everything. Every company has that kind of data, though, and cybersecurity maximalism is how cybersecurity people get disinvited from architecture discussions. We can't tell users to not turn their computers on, since that invites breaches, and we can't tell IT to airgap the networks because that slows business to a crawl (and pisses of users, etc.) Cybersecurity is always about risk management. The risk of doing basically anything has to be balanced against the risk of not doing it at all. Often the cost of not doing it is too high, so the job is to use something like confidential computing (if it makes sense) and then try to mitigate attackers trying to get at it. |
|
|