[sugarpimpdorsey]

It's 2025, it's all about zero-trust now. Can't be inside the security perimeter when there is no security perimeter.

Hiring mischievous North Koreans is fully in line with your CIO's new priorities, which she heard about at a conference once.

[kibwen]

The reason that North Korea targets IT roles in particular is precisely because they're the weak link in zero-trust implementations. Someone, somewhere, has the unfettered rights to access the production database, and they're in the IT department.

[mgiampapa]

If not production, they can usually read all the backups, DR systems, logging telemetry, legal discovery systems etc...

[freedomben]

Zero trust doesn't do anything for you when you give the person a legitimate account with access, which presumably you must do for employees else they can't typically do any work