[marcusb]

just go and look at any of the vendors selling “zero trust” solutions. They all have white papers available about how a) perimeter security is “dead” and b) how their specific flavor of zero trust is the One True zero trust and the only thing you can trust to protect your data.

You will without exception need to provide an email address to access these white papers, so their inside sales team can ensure you fully understand the importance of trusting their zero trust, and not trusting anyone else’s.

I’m not kidding - even a little.

[datadrivenangel]

Defense in depth though: against a strong threat actor, perimeter based security won't prevent you from getting pwnd, but it will likely take them longer than if everything is on the public internet, and a private network will make weak threat actors ignore you, so it is still valuable.

[PhilipRoman]

It's sad that "zero trust" has become almost the opposite of what it originally meant. Now you can have the same insecure RDP server with admin/admin login but at least it's protected by a VPN that only a few tens of thousands of people have access to.