b'In this edition of the ISMG Security Report, former federal CISO Gregory Touhill explains why a zero-trust security model is essential, and Ron Ross of NIST describes initiatives to protect critical infrastructure from IoT vulnerabilities.'