A zero trust approach to security has been steadily gaining steam for the last several years. This year, the importance of this approach reached a new level with the May 2021 White House executive order requiring federal agencies to shift to this architecture by fall 2024.

Even beyond the executive order, zero trust continues to build momentum. This approach assumes a breach has occurred and puts enforcing access and detecting adversaries in a network first. The 2021 Cyber Resilient Organization study, based on an annual global survey of more than 3,600 IT and security experts in over 15 industries and published by IBM Security with independent research by the Ponemon Institute, found 35% of respondents now report their organizations have adopted this approach. That may seem like a small percentage. However, evidence suggests it is gaining ground faster than any other strategy. Read on for a glimpse at the top news about this approach from 2021.

Quick Briefs: Top Zero Trust Insights

What NIST’s Guidelines Mean for Your Resources
3-Minute Read 🕒

The White House made a big splash with an executive order on improving the nation’s cybersecurity in May. Among other efforts, the order focused on the federal government’s advance toward a zero-trust architecture. This article examines the standards and guidance the National Institute of Standards and Technology (NIST) outlined in reference to it, including NIST’s “seven tenets of zero trust”.

2021 Cyber Resilient Organization Study: Rise of Ransomware Shows the Need for Zero Trust and XDR
2-Minute Read 🕒

Ransomware continues to grow. Of the respondents to the Cyber Resilient Organization Study, 46% faced one or more ransomware attacks in the last two years. Clearly, leaders need to establish a mature level of cyber resilience to better handle ransomware and other potential data breaches. Luckily, zero trust can play a critical part in that strategy. Find out more about how it can bolster your security posture.

Data Breach Costs at Record High, Zero Trust, AI and Automation Help Reduce Costs
6-Minute Read 🕒

Data breaches are expensive. According to IBM’s Cost of a Data Breach 2021 report, the average total cost of a data breach is at its highest in 17 years, at $4.24 million. But a zero trust approach can reduce that cost. The report found a difference of $1.76M, or 42.3%, between the cost of a breach to a mature zero trust organization versus the cost to entities that did not start on that path. Moreover, entities that did not apply this approach paid 19% more in breach costs for an average of $5.04 million. Find out more about how it is proving to be an effective way to support privacy, mitigate insider threats and work across hybrid clouds and edge devices.

How Data Discovery and Zero Trust Can Help Defend Against a Data Breach
4-Minute Read 🕒

A zero trust approach to data security and privacy might be the ideal framework when moving to the cloud. See how combining this approach with data discovery and classification can close gaps in your walls and make your work more efficient. You’ll also learn why it must start with sustainable and automated data discovery and classification.

What Is Zero Trust? A Complete Guide
6-Minute Read 🕒

The pandemic helped push the digital landscape toward the zero trust framework. Remote work became the new norm, and e-commerce increased. With a greater reliance on online channels, threats grew in response. Cyber crime alerts to the FBI rising to 4,000 a day compared to 1,000 before the pandemic. This article takes a back-to-basics look at the model and how it can help protect your network. In addition, it explores how to implement the framework in your business or agency.

More on This Topic

There’s little doubt that zero trust is effective, but putting this model in place won’t always be easy. A report released in December by One Identity looks at some of the challenges that crop up.

Given the new federal government mandate, it’s not surprising state government chief information officers (CIOs) are also starting to plan for the future. A National Association of State Chief Information Officers survey released in December found 67% of state CIOs said adding or expanding a zero-trust framework would be a focus in the next two to three years.

More from Zero Trust

SOAR, SIEM, SASE and Zero Trust: How They All Fit Together

Cybersecurity in today’s climate is not a linear process. Organizations can’t simply implement a single tool or strategy to be protected from all threats and challenges. Instead, they must implement the right strategies and technologies for the organization’s specific needs and level of accepted risks. However, once the dive into today’s best practices and strategies begins, it’s easy to quickly become overwhelmed with SOAR, SIEM, SASE and Zero Trust —  especially since they almost all start with the letter S.…

Contain Breaches and Gain Visibility With Microsegmentation

Organizations must grapple with challenges from various market forces. Digital transformation, cloud adoption, hybrid work environments and geopolitical and economic challenges all have a part to play. These forces have especially manifested in more significant security threats to expanding IT attack surfaces. Breach containment is essential, and zero trust security principles can be applied to curtail attacks across IT environments, minimizing business disruption proactively. Microsegmentation has emerged as a viable solution through its continuous visualization of workload and device communications…

Why Zero Trust Works When Everything Else Doesn’t

The zero trust security model is proving to be one of the most effective cybersecurity approaches ever conceived. Zero trust — also called zero trust architecture (ZTA), zero trust network architecture (ZTNA) and perimeter-less security — takes a "default deny" security posture. All people and devices must prove explicit permission to use each network resource each time they use that resource. Using microsegmentation and least privileged access principles, zero trust not only prevents breaches but also stymies lateral movement should a breach…

What to Know About the Pentagon’s New Push for Zero Trust

The Pentagon is taking cybersecurity to the next level — and they’re helping organizations of all kinds do the same. Here’s how the U.S. Department of Defense is implementing zero trust and why this matters to all businesses and organizations. But first, let’s review this zero trust business. What is Zero Trust? Zero trust is the most important cybersecurity idea in a generation. But “zero trust” is itself a bit of a misnomer. It’s not about whether a person or…