What is a Zero Trust approach to security?

Zero Trust has become one of cybersecurity’s latest buzzwords and has been coined as one of the emerging cybersecurity trends to watch in 2021.

According to cybersecurity company Palo Alto Networks, it's imperative to understand what a zero trust architecture is in light of the COVID-19 pandemic which has accelerated the journey to Zero Trust platforms.

Palo Alto Networks defines Zero Trust as a strategic initiative that helps prevent successful data breaches by eliminating the concept of trust from an organisation’s network architecture. Rooted in the principle of “never trust, always verify,” Zero Trust is designed to protect modern digital environments by leveraging network segmentation, preventing lateral movement, providing Layer 7 threat prevention, and simplifying granular user-access control.

Zero Trust was created by John Kindervag, during his tenure as a vice president and principal analyst for Forrester Research, based on the realization that traditional security models operate on the outdated assumption that everything inside an organization’s network should be trusted. Under this broken trust model, it is assumed that a user’s identity is not compromised and that all users act responsibly and can be trusted. The Zero Trust model recognizes that trust is a vulnerability. Once on the network, users – including threat actors and malicious insiders – are free to move laterally and access or exfiltrate whatever data they are not limited to. Remember, the point of infiltration of an attack is often not the target location.

According to The Forrester Wave™: Privileged Identity Management, Q4 2018, This trust model continues to be abused credentials.1 Zero Trust is not about making a system trusted, but instead about eliminating trust.


Featured Articles

Tech Mahindra & Microsoft to host Cybersecurity Event: Texas

Join our exclusive roundtable with cybersecurity experts from Tech Mahindra and Microsoft. Gain insights, network, and stay ahead of evolving threats

Cyber security leaders unite to protect digitised healthcare

A new Advisory Council comprising global cyber security experts aims to tackle the rising threats faced by the digitalised healthcare sector

EC-Council highlights cloud security as primary concern

EC-Council's Certified CISO Hall of Fame Report reveals top cybersecurity concerns, highlighting need to tackle cloud security

Safeguarding the final frontier: Space-age cybersecurity

Cyber Security

Capita cyber attack exposes data breaches across industries

Cyber Security

AWS launches 2023 European Defence Accelerator for startups

Cloud Security