Traditional perimeter-based network defenses with multiple layers of disjointed security technologies have proven themselves to be unable to meet the cybersecurity needs due to the current threat environment. Contemporary threat actors, from cyber criminals to nation-state actors, have become more persistent, more stealthy, and more subtle; thus, they demonstrate an ability to penetrate network perimeter defenses with regularity. These threat actors, as well as insider threat actors, have succeeded in leveraging their access to endanger and inflict harm on national and economic security.” Ref: NSA publication U/OO/115131-21 | PP-21-0191
IT landscape today is empowered by a connected world that is more susceptible to malicious activity due to its connectedness of software, assorted users, devices, and distributed applications and services. We need simple and secure methods of connecting and interacting with organizational resources, while also keeping malicious actors at bay for users and systems. The continuously evolving complexity of current and emerging cloud, multi-cloud, and hybrid cloud, cloud native,network environments combined with the rapidly escalating and evolving nature of adversary threats has exposed the lack of effectiveness of traditional network cybersecurity defenses. With the Executive Order requirements to be compliant with the Zero trust Architecture by end of 2023, we will discuss the various facets of Zero trust and complexities of implementing Zero trust for traditional Enterprises.