Zero doubt about the direction of zero trust security

The adoption of zero trust is about to change dramatically. In May, the Biden administration announced its cybersecurity Executive Order (EO), stressing the urgency of modernized access and cybersecurity defenses. Consequently, many enterprises can no longer ignore the necessity of investing in zero trust architectures.

Despite 2,600 cybersecurity vendors all claiming the term of zero trust it’s important that technology leaders, including CIOs, don’t get swept into the marketing frenzy of term dominance, instead focusing on the principles of a zero trust strategy evident in modern access solutions.

An essential part of the zero trust concept requires users to be authenticated, authorized, and continuously monitored before they can access applications and data. Zero means zero. Moreover, IT needs to adopt a “minimalist” approach to allow for greater simplicity and agility. An effective zero trust strategy combines a streamlined set of core enterprise security technologies that will replace the 30 various technologies causing excessive noise and complexity.

While zero trust IS the choice architecture and strategic approach to security and modern access, the concept of zero trust has become like “digital transformation,” a word that is used but never understood. Something that is critical to the business, but difficult to implement. For this reason many IT organizations have been hesitant to adopt zero trust.

This is why we believe that businesses should take definitive, manageable, actionable steps towards zero trust adoption and modernizing their access security strategy. ESG Research found that most enterprises start with a single zero trust use case and work their way up from there. It’s important to start small, so many organizations start by eliminating VPN access to their most sensitive and business-critical internal applications.

I recently wrote a column for SC Magazine that looked at the implications of this shift to zero trust. Zero trust is a journey that all companies are on, and no two journeys are the same. How can we help CIOs on their journey, no matter where they are? Understand your business priorities and stick with vendors that stay true to the underlying principles of zero trust architecture.