an organisation's journey towards zero trust is more about mindset change than technology change.
Zero Trust (ZT), according to NIST* is:
“A collection of concepts and ideas designed to minimise uncertainty …. in the face of a network viewed as compromised”.
Many definitions of ZT stress the concept of removing wide-area perimeter defences, while continuing to define themselves in relation to other, often smaller perimeters. This can lead to an over-emphasis on what should be absent when adopting ZT, as opposed to how existing environments may be augmented and evolved with new controls or architectures.
*US National Institute of Standards and Technology
Download our “Towards Zero Trust” whitepaper exploring how some organisations choose to approach and measure ZT adoption.