‘Trust Nothing’: As Breaches Mount, a Radical Approach to Cybersecurity Gains Favor
Companies are starting to adopt a zero trust approach when it comes to cybersecurity. In the past, technology to make zero trust security practical has been too immature, and the disruption too risky for most organizations to consider. However, more organizations are planning on adopting the zero trust approach because of the increasing number of data breaches that occur. The basic concept of zero trust is for one to assume nothing, and no one can be trusted. If an organization is planning on implementing a zero trust strategy, they should have 3 things implemented. Companies should have multifactor authentication, management software, and microsegmentation. The management software federates user identities across on-premises and cloud platforms. The microsegmentation is a classification discipline that isolates workloads and data from each other so that access can be controlled at a granular level. Researchers also strongly recommend that companies have software-defined networking in place, but it is not required. As of right now, researchers found that only 4 percent of enterprises fully embrace zero trust security. However, 69 percent of the surveyed organizations plan to use it in the future. Half of the participants who said they were going to implement zero trust in the future are planning to implement the zero trust approach within the next 12 months.