Reaping the Benefits of Zero Trust

Date:

Before Article Content · 728×90
Advertise Here

Trending

- Advertisement -

The advent of emerging technologies such as robotic process automation, artificial intelligence, and blockchain, as well as heightened security concerns due to the pandemic, bring new cybersecurity risks and challenges.

This evolving technology landscape has made it even more imperative for organizations to better manage cybersecurity risks and become security resilient, and many are turning to a Zero Trust approach to do this.

What is Zero Trust?

According to the National Institute of Standards and Technology (NIST), Zero Trust (ZT) refers to an evolving set of cybersecurity paradigms that move defenses from static, network-based perimeters to focus on users, assets, and resources.

A Zero Trust architecture (ZTA) uses Zero Trust principles to plan industrial and enterprise infrastructure and workflows. Zero Trust assumes there is no implicit trust granted to assets or user accounts based solely on their physical or network location (i.e., local area networks versus the internet) or based on asset ownership.

- Advertisement -

Zero Trust is not a tool or a new technology, but a strategic architectural concept, and should be aligned with business objectives.

Why does Zero Trust matter to an organization?

The primary goal of a solid Zero Trust strategy is to extend the control plane from the internal secure assets of the environment as far outward as possible. ZTA is all about “verify, and then trust.”

The COVID-19 pandemic has resulted in many organizations shifting to remote working due to the safety risk and government guidelines, like city lockdowns.

- Advertisement -

As a result, it has impacted nearly every organization’s cybersecurity strategy. This obviously has posed an external issue for cybersecurity leaders on how they could trust personal devices and home networks to be secured in line with the organization’s security policies and procedures.

In many cases, it has become necessary for cybersecurity leaders to consider implementing controls without trusting the resources in the interest of maintaining business continuity. However, many organizations are now reassessing these practices and transitioning where possible to a Zero Trust approach.

Implementing Zero Trust

The newly released ISO / IEC 27002:2022 Information security, cybersecurity and privacy protection – Information security controls standard provides guidance on implementing Zero Trust principles that organizations can consider, such as:

• Assuming the organization’s information systems are already breached and thus not reliant on network perimeter security alone.

• Employing a “never trust and always verify” approach for access to information systems.

• Ensuring that requests to information systems are encrypted end-to-end.

• Verifying each request to an information system as if it originated from an open, external network, even if these requests originated internally to the organization.

• Using “least privilege” and dynamic access control techniques. (e.g., authentication information, user identities, data about the user endpoint device, and data classification).

• Always authenticating requesters and always validating authorization requests to information systems based on information (e.g., enforcing strong multi-factor authentication).

Why are boardrooms supporting Identity and Zero-Trust initiatives?

Like any security initiative, Zero Trust requires commitment from the board. Zero Trust should involve the board, the chief information security officer, and other leaders to determine priorities and ensure that they will be effectively implemented across the organization.

In general, boardrooms tend to trust insiders, that is, authorized users, rather than outsiders. However, Zero Trust begins with not differentiating insiders and outsiders. An organization’s existing controls may not suffice to address new cybersecurity risks and it may need to implement additional and/or new controls.

Zero Trust is built on the premise that trust cannot be granted forever and needs to be evaluated on a continual basis. Today, many boardrooms are already driving the change and supporting identity and ZT.

Many boardrooms are convinced of the value of ZT after realizing these business benefits:

• Reduction in overall cost and expenditures.

• Reduction in the scope of requirements for compliance related to cybersecurity, as it entails accurately mapping assets, inventories, and data, which decreases the risk of unauthorized access.

• Greater control in the cloud environment through authorized workloads.

• Lower breach potential through verified and approved communications.

• Lower compliance risk.

• Business agility and speed.

• More streamlined user experience, allowing users to be less encumbered by security as part of their daily job.

Summary

In summary, achieving Zero Trust does not require the adoption of any new technologies. It’s simply a new approach to cybersecurity to “never trust, always verify,” or to eliminate any and all trust, as opposed to the more traditional perimeter-based security approach that assumes user identities have not been compromised, and all human actors are responsible and can be trusted.

Zero Trust does not eliminate trust completely but uses technologies to enforce the principle that no user and no resource has access until it has been proven it can and should be trusted—and in the process, strengthen cybersecurity defenses.

THE SNAPSHOTS

Sign up to get quick snaps of everyday happening, directly in your inbox.

We don’t spam! Read our privacy policy for more info.

- Advertisement -
Chetan Anand
Chetan Anand
Chetan Anand is Associate Vice President of Information Security and CISO at Profinch Solutions.

More Latest Stories

More Articles

How changing lifestyles are driving demand in home improvement products

The parking lot outside a home interiors store in Bengaluru's Marathahalli is full by ten on a Sunday morning. Not full of contractors or...

Why Indian Business Still Runs on Spreadsheets and WhatsApp for Treasury

India is home to one of the world's fastest-growing fintech ecosystems, projected to reach $421 billion by 2029. As the third-largest fintech hub globally, it processes billions of real-time transactions and over 17,000 crore UPI payments annually, fundamentally reshaping how consumers and small businesses...

The New Age of Digital Assets: How Blockchain Is Redefining Financial Inclusion

Innovation is changing the nature of economic participation and making it more inclusive, especially...

The Efficiency Gap That Will Reshape Finance by 2030

Here is the number that should be keeping every CFO awake right now: 97%...

Nexchain AI Maps Its Final Path to Launch as $0.06 Token Presale Window Nears Its Close

Like a building project that moves from design to final inspections, the Nexchain AI...

Nexchain AI Sets Mainnet and Presale Token Launch in Motion With Final $0.06 Access

Nexchain AI has entered a decisive 2026 build phase as its launch roadmap moves...

The Reliability Equation: Trev Mobility CEO Naveen Gupta on Building Trust in Premium Electric Ride-Hailing

During an interview with TechGraph, Naveen Gupta, Founder & CEO of Trev Mobility, highlighted...

Nexchain Publishes New Roadmap as $0.06 Token Stage Continues

Nexchain has unveiled its updated development roadmap, providing the community with a clearer view...

The rise of tier-2 GCCs: How digital infrastructure is redefining India’s technology talent map

For the better part of two decades, India's Global Capability Centre (GCC) story was really a story about four or five cities. Bengaluru, Hyderabad,...

Why Startups Are Turning to Virtual CFOs for Smarter Growth

​For a long time, finance leadership in startups followed a predictable path. Founders managed...

Nexchain Rebuild Story Puts AI Layer 1 Development Back on the Crypto Presale Radar

Nexchain AI has brought its rebuild story back into focus as its AI Layer...

Why Micro Learning at 3 Minutes Works Better Than Lectures at 3 Hours

In the fast-moving world of digital education, there is one myth that continues to...

How Machine Learning Is Redefining Short-Term Borrowing for Tech-Savvy Consumers

Short-term lending has long relied on limited snapshots of a borrower’s history. That approach...

Why Players Buy LoL Boost and How the Process Works

If you’re researching why players buy lol boost, you’re usually trying to understand two things: what people are actually paying for in ranked, and...

CasinoBonusesFinder UK: how filters, Telegram alerts and real bonus matching work in practice

Anyone who has spent serious time on casino bonus hunting knows the drill. You find something that looks promising, click through, and discover the offer expired three weeks ago. Or the wagering requirement is 50x - meaning a £100 bonus requires £5,000 in bets...

The Detroit Region’s Role in Modern Global Supply Chains

As global commerce continues to expand its reach, the Detroit region has emerged as...

The Importance of Keeping Up to Date With Auto Maintenance

Auto maintenance is one of the most important responsibilities that comes with owning a...

Redrob AI Launches Professional AI Platform for India’s Workforce

In a bid to help students and professionals navigate an increasingly fragmented digital work...

Simple Habits That Keep Your Car Running Longer

Keeping your car running longer doesn’t require expert-level knowledge—it comes down to building smart...

Why Resume-Based Hiring Is Failing India’s Workforce

India needs a shift from credential-first hiring to skill-first validation

Why BFSI Is Moving from AI Experiments to AI Systems

For the past few years, Artificial Intelligence in banking, financial services, and insurance has...

The Human Algorithm: Why the Future of Digital Marketing Belongs to Empathetic Strategists

The modern marketing department is quieter than it used to be. The frantic tapping...

How AI is Rewriting the Economics of India’s $300 Bn IT Services Sector

When Microsoft CEO Satya Nadella recently disclosed that artificial intelligence now generates nearly 30...

AI and Fake Content: Can Technology Win the Battle Against Misinformation?

Artificial Intelligence has transformed how content is created, manipulated, and distributed at scale. News,...

Why Micro Learning at 3 Minutes Works Better Than Lectures at 3 Hours

In the fast-moving world of digital education, there is one myth that continues to...

“Budget should focus on reducing taxes on capital gains,” Says Abhishek Gupta of Hex N Bit

Speaking in the upcoming Union Budget 2021, Abhishek Gupta, Founder, and CEO, Hex N...

“China is a Global thief” Rep. Tom Rice on Uyghur Forced Labor Prevention Act

Speaking at the House on Uyghur Forced Labor Prevention Act, Rep. Tom Rice (R-SC)...

India’s Cloud Cost Crisis: Why Startups Are Rethinking Their Tech Stack

Over the last ten years, startups in India have experienced an incredible boom driven...

Top No-KYC Crypto Casino Sites in 2026

Most online casinos demand a lot of personal information from you before you can...

How Machine Learning Is Redefining Short-Term Borrowing for Tech-Savvy Consumers

Short-term lending has long relied on limited snapshots of a borrower’s history. That approach...

The Role of Edtech in Addressing Equity Gaps in Higher Education

In the fast-paced world of EdTech today, the opportunity to bridge educational gaps and...

Alphabet Discloses $2.14 Billion in Public Equity Holdings as of June 30

Alphabet Inc. disclosed $2.14 billion in equity securities held across 39 positions as of...

India to generate $100 bn from telephonic investments

India expects to attract $100 billion in investments in the telecom sector, a union...