Zero Trust security is now hitting the mainstream and will be compulsory for federal agencies after an executive order has been signed by United States President Joe Biden to boost the cyber posture of the federal government. An order mandated agencies to move to zero-trust as-a-service architectures and enable two-factor authentication (2FA) within 180 days.
This security model helps to maintain strict access controls and not trusting anyone by default, including those inside the network perimeter, Zero Trust, a security strategy being pushed by vendors, has now fully caught on in the enterprise.
Zero Trust is founded on a mantra of “never trust, always verify”. The cybersecurity industry introduced this model to help reduce the impact of breaches with three underlying principles:
All networks should always be treated as untrusted (If all networks are untrusted, then so must users be)
Least privilege (Home and corporate networks, pubic Wi-Fi networks, never assume that there are any safe spaces left)
Assume breach (Maintain an alert mentality because Breaches are inevitable)
This Zero Trust model confirms that everything is secure, the network and users, across identity, endpoints, and other resources using signals and data. Due to COVID-19, many have already shifted to hybrid work, which drives the move towards wide adoption of Zero Trust.
Recently, US President Biden expressed a warning to the public that a cyber breach could lead to a ‘real shooting war’ with a major power.