Every single blog you read on cybersecurity has at least one mention of the Zero Trust approach to cybersecurity (even this one 😊). Alas, don’t consider that Zero Trust is yet another hyped word that will soon vanish into thin air. Zero Trust, originally dubbed more than a decade ago, came up as a necessity to defend systems, networks, data and people against the increasing sophistication of attackers that rendered implicit trust a vulnerability.

Zero trust, if implemented well, is recognized by the industry as the best way to support remote and hybrid work, especially as workers everywhere connect to SaaS applications to stay productive. But securing an entire organization goes way beyond SaaS apps. Legacy apps running on-premises or in private clouds are still critical for many organizations, especially for those who have made hefty investments in storage and network appliances to support these important applications.

Zero Trust is the term for an evolving set of cybersecurity paradigms that moves an organization’s defensive measures from static, network-based perimeters to instead focus on users, assets, and resources. It is a security mindset where every incoming connection is treated as a potentially malicious request until explicitly verified. This concept was introduced by John Kindervag, one of the world’s foremost cybersecurity experts, and emphasizes three principles.

Cybersecurity, like broader technological disciplines, is an ever-changing landscape that industry professionals must adapt to. The zero-trust model of cybersecurity has grown recently as organizations update their security practices to keep pace with, and stay ahead of evolving threats. Zero Trust Network Access (ZTNA) increased by 230% from 2019 to 2020, and more than 80% of C-suite leaders cite zero-trust as a priority for their enterprises.

Have you ever walked up to an ATM after another person finished with the machine only to find they left it on a prompt screen asking, “Do you want to perform another transaction?” I have. Of course, I did the right thing and closed out their session before beginning my own transaction. That was a mistake an individual made by careless error which could have cost them hundreds of their own currency.

Architecturally speaking, cloud-native applications are broken down into smaller components that are highly dynamic, distributed, and ephemeral. Because each of these components is communicating with other components inside or outside the cluster, this architecture introduces new attack vectors that are difficult to protect against using a traditional perimeter-based approach.

I spent the first 25+ years of my career running global architecture teams for large multinational companies. I collaborated with and learned from my peers at some of the largest Fortune 2,000 companies in the world. We designed and implemented an architecture that enabled our businesses to transform. Security was but over the years it has become more critical as the infrastructure and data have evolved.