Zero Trust is the new security jargon floating around the market – in fact the popularity of the term (as indicated by Google trends) has grown 6x in the last two and half years. Is this purely marketing hype or is there any substance behind it? Before we answer that question, let’s first understand what Zero Trust is.
What is Zero Trust?
While the term “Zero Trust” was coined by Forrester analyst, John Kindervag in 2010, the concept has been around for decades going back to the concept of air-gapped networks. At the core, the Zero Trust philosophy challenges the traditional “trust but verify” cybersecurity model. Instead, Zero Trust recommends that organizations “never trust, always verify” by localizing and isolating resources through microcore, microsegmentation, and deep visibility. Zero Trust reduces the broad attack surface in traditional models that attackers use to overwhelm security teams and keep them in crisis management mode. Preventing threats reduces the scope of work for security teams and limits the impact of any breach.
Please read the full article published by ISACA here