Zero trust was born out of the critical need to modernize outdated IT architecture, which assumes that all assets within an organization – and attached to it – should be implicitly trusted. Since CISA released their Maturing Enterprise Model — and the move to align cyber programs with White House Zero Trust strategy — it’s gained significant buzz, with NVIDIA being the most recent to adopt zero-trust security within data centers. But are organizations too quick to adopt, creating more security risk instead of mitigating it?
The guiding principles of zero trust require users to continuously re-authenticate themselves by leveraging network segmentation, preventing lateral movement and assuming “least access” policies. Recent adoption from big players aside, the benefits have been emphasized in the last several years as global industry undergoes a massive transition. Cloud adoption, remote and distributed workforces and organizations’ growing digital footprints have led to a spike in decentralized assets, posing a massive challenge to cybersecurity teams.
Out of this shift come several problems — first, zero-trust policies can only be applied to…