Close Menu
TechCentralTechCentral

    Subscribe to the newsletter

    Get the best South African technology news and analysis delivered to your e-mail inbox every morning.

    Facebook X (Twitter) YouTube LinkedIn
    WhatsApp Facebook X (Twitter) LinkedIn YouTube
    TechCentralTechCentral
    • News

      MultiChoice may unbundle SuperSport from DStv

      12 June 2025

      MVNO boom is reshaping South Africa’s mobile market

      12 June 2025

      South African law is failing gig-economy workers

      12 June 2025

      MultiChoice’s TV empire shrinks – but its ‘side hustles’ are holding strong

      12 June 2025

      MultiChoice is bleeding subscribers

      11 June 2025
    • World

      Qualcomm shows off new chip for AI smart glasses

      11 June 2025

      Trump tariffs to dim 2025 smartphone shipments

      4 June 2025

      Shrimp Jesus and the AI ad invasion

      4 June 2025

      Apple slams EU rules as ‘flawed and costly’ in major legal pushback

      2 June 2025

      Mark Zuckerberg has finally found a use for his metaverse

      30 May 2025
    • In-depth

      Grok promised bias-free chat. Then came the edits

      2 June 2025

      Digital fortress: We go inside JB5, Teraco’s giant new AI-ready data centre

      30 May 2025

      Sam Altman and Jony Ive’s big bet to out-Apple Apple

      22 May 2025

      South Africa unveils big state digital reform programme

      12 May 2025

      Is this the end of Google Search as we know it?

      12 May 2025
    • TCS

      TechCentral Nexus S0E1: Starlink, BEE and a new leader at Vodacom

      8 June 2025

      TCS+ | The future of mobile money, with MTN’s Kagiso Mothibi

      6 June 2025

      TCS+ | AI is more than hype: Workday execs unpack real human impact

      4 June 2025

      TCS | Sentiv, and the story behind the buyout of Altron Nexus

      3 June 2025

      TCS | Signal restored: Unpacking the Blue Label and Cell C turnaround

      28 May 2025
    • Opinion

      Beyond the box: why IT distribution depends on real partnerships

      2 June 2025

      South Africa’s next crisis? Being offline in an AI-driven world

      2 June 2025

      Digital giants boost South African news media – and get blamed for it

      29 May 2025

      Solar panic? The truth about SSEG, fines and municipal rules

      14 April 2025

      Data protection must be crypto industry’s top priority

      9 April 2025
    • Company Hubs
      • Africa Data Centres
      • AfriGIS
      • Altron Digital Business
      • Altron Document Solutions
      • Altron Group
      • Arctic Wolf
      • AvertITD
      • Braintree
      • CallMiner
      • CYBER1 Solutions
      • Digicloud Africa
      • Digimune
      • Domains.co.za
      • ESET
      • Euphoria Telecom
      • Incredible Business
      • iONLINE
      • Iris Network Systems
      • LSD Open
      • NEC XON
      • Network Platforms
      • Next DLP
      • Ovations
      • Paracon
      • Paratus
      • Q-KON
      • SkyWire
      • Solid8 Technologies
      • Telit Cinterion
      • Tenable
      • Vertiv
      • Videri Digital
      • Wipro
      • Workday
    • Sections
      • AI and machine learning
      • Banking
      • Broadcasting and Media
      • Cloud services
      • Contact centres and CX
      • Cryptocurrencies
      • Education and skills
      • Electronics and hardware
      • Energy and sustainability
      • Enterprise software
      • Fintech
      • Information security
      • Internet and connectivity
      • Internet of Things
      • Investment
      • IT services
      • Lifestyle
      • Motoring
      • Public sector
      • Retail and e-commerce
      • Science
      • SMEs and start-ups
      • Social media
      • Talent and leadership
      • Telecoms
    • Events
    • Advertise
    TechCentralTechCentral
    Home » Company News » When will Zero Trust move from hype to reality?

    When will Zero Trust move from hype to reality?

    By Skybox Security29 March 2022
    Twitter LinkedIn Facebook WhatsApp Email Telegram Copy Link
    News Alerts
    WhatsApp

    While the approach of Zero Trust may become a reality to some organisations over the course of 2022, for most organisations it will mostly exist as an aspiration. Others will claim success simply by applying a few of the many principles of Zero Trust in practice. That said, it will undoubtedly be a slow journey to get there.

    What is Zero Trust and why do we need it?

    The theory behind Zero Trust fundamentally changes how we perceive threats. Conventionally, we perceived bad actors as being on the external side of the network (the untrusted side) and viewed everyone sitting on the inside (the trusted side) to be both known and therefore trusted.

    In today’s cybersecurity climate, this a dated mindset. Unfortunately, it’s still the status quo for many organisations. This thinking goes back in time to the days where clear perimeters existed, and the only way into the network was through tightly controlled channels. And even those “tightly controlled” channels were not always secure or even the only way in.

    See how Skybox Security can help you with Zero Trust

    But the model worked to a degree, and defence-in-depth was born. Based on the continuous growth in the number of vulnerabilities and increased sophistication of both hackers and TTP (tactics, techniques and procedures) that we see today in our complex digital ecosystem, clearly something needs to change. Enter Zero Trust.

    ‘Trustworthy’ users can inadvertently let the bad actors in

    Evidence of successful data breaches and cyberattacks has shown us that bad actors can operate from within the network, on the so-called “trusted” side. This design is something that attackers can leverage to their advantage and can often go undetected until it is too late. Often, the so-called “trusted” users are unaware that an attacker may have used their user identity. The actors may be silently in the background relying on users’ privileges to infiltrate and move across the network to access sensitive data and critical systems undetected.

    Zero Trust is an approach that flips this on its head. It changes the model to one that applies the “least-privilege” principal by default, categorising all users as automatically untrusted from the outset. Therefore, to access any resource, the user must be identified and authenticated before gaining access and privileges for that application, system or resource.

    Government entities increase pressure to adopt Zero Trust principles

    Zero Trust is not going away. In fact, government entities are increasing the pressure. For example, the executive order on improving US cybersecurity, issued by the White House in May 2021, made the federal government’s position clear on the need to advance Zero Trust. Just a few months ago, it also announced the federal strategy to move the US government itself towards a Zero Trust architecture.

    As our adversaries continue to pursue innovative ways to breach our infrastructure, we must continue to fundamentally transform our approach to federal cybersecurity,” said CISA director Jen Easterly. “Zero trust is a key element of this effort to modernise and strengthen our defences. CISA will continue to provide technical support and operational expertise to agencies as we strive to achieve a shared baseline of maturity.” — Office of management and budget releases federal strategy to move the US government towards a Zero Trust architecture, the White House briefing room, 26 January 2022.

    Read our point of view on the Biden executive order

    The same goes across Europe where EU organisations are equally being encouraged to adopt Zero Trust principles with the latest revision of the European NIS directive, NIS2.

    Concern about maintaining business operations stunts Zero Trust framework adoption

    We can’t deny that a methodology designed to establish different levels of trust as additional access and movement is required and is entirely logical. However, implementing a complete Zero Trust model successfully, as it is defined, is largely impractical in the real world and an unrealistic objective for many organisations.

    That’s not to say Zero Trust is unrealistic to achieve because it’s flawed or doesn’t work; applying the theory to practice in the real world is just difficult. In the real world, enterprises face many challenges: fragmented infrastructures, legacy systems, bespoke applications, visibility, cloud environments, existing transformation, migrations and more.

    Businesses are reluctant to make changes that impact important organisational operations. This impact must be considered when changing how an infrastructure behaves and how users (employees, customers, partners) interact with these services.

    When considering operational impact, redefining and redesigning access and privileges is extremely complex. Thus, Zero Trust has often been considered “hype” instead of “reality” due to the difficulty level of implementation.

    Zero Trust will become the new best-practice benchmark

    Enterprises should look to identify areas of their networks and critical assets where Zero Trust is achievable. They can then apply Zero Trust principles to make solid improvements to increase their security posture efficacy overall. Those that make inroads – even incrementally – will be much more successful in preventing a security breach over the next few years.

    Over the next few years, many enterprises will set Zero Trust security objectives in their strategy, with established metrics to evaluate and measure success. The organisations that fail to take this initiative will continue to leave parts of their critical infrastructure open and susceptible to sophisticated attacks, not to mention the steady increase in cost of managing and operating a suboptimal defence strategy over time.

    Zero Trust will become the new best practice benchmark, particularly for organisations undertaking cloud transitions and migrations to cloud services. In this case, defining trust models and data access within cloud environments becomes more practical and achievable.

    Advance your Zero Trust network strategy with the Skybox Security Posture Management platform

    Skybox Security can help you establish and maintain a Zero Trust framework by providing visibility and a continuous understanding of your hybrid networks and the attack surface across all environments. You need to model and analyse your network, cloud and security configurations together. This context helps you make informed decisions about what critical assets to protect with Zero Trust, how to properly design the network environments and what specific policies need to be applied. Once the Zero Trust architecture is established, continuous and adaptive modelling of the hybrid networks is necessary to effectively maintain the Zero Trust posture.

    Skybox can help you advance these five key areas of developing and executing a Zero Trust strategy:

    1.) Determine where to focus your zero trust efforts. With Skybox, you can aggregate and consolidate data sets that reflect the current configurations of your hybrid infrastructure, all your security controls, and endpoints. You can then identify the critical assets, applications, data repositories and infrastructure that will comprise your Zero Trust zone.

    2.) Model your hybrid network. By understanding your network connectivity, combined with your network and security configurations, you will know what you are starting with. Then you can visualise and assess your security efficacy and develop your Zero Trust strategy.

    3.) Architect for Zero Trust. Develop and optimise segmentation strategies, as well as configure and optimise your network and security technologies.

    4.) Establish and validate Zero Trust policies. With Skybox, you can automatically assess policies for exposure risk and compliance. Validate policies using a network model.

    5.) Monitor and maintain. Leverage a network model to continually monitor your hybrid networks. Validate changes before they go live to ensure compliance. Automate change management processes and align with your Zero Trust architecture.

    Visit www.skyboxsecurity.com for more information or check out all the recent Skybox Security content on hub.techcentral.co.za/skybox.

    • This promoted content was paid for by the party concerned


    Skybox Skybox Security
    Subscribe to TechCentral Subscribe to TechCentral
    Share. Facebook Twitter LinkedIn WhatsApp Telegram Email Copy Link
    Previous ArticleCourt orders analogue TV switch-off delayed until June
    Next Article Rise to the Challenge with the new Redmi Note 11 Series from Xiaomi

    Related Posts

    4 tips for exposure management of your business applications

    19 February 2025

    Network professionals lose nearly half their week to manual tasks that could be automated

    3 December 2024

    Skybox: half of firms fear security incidents due to siloed network and security teams

    17 October 2024
    Add A Comment

    Comments are closed.

    Company News

    SAPHILA 2025 – transcending with purpose, connection and AI-powered vision

    13 June 2025

    Building a cyber-resilient culture from the boardroom to the front lines

    12 June 2025

    How South Africa’s municipalities are finally getting smart

    12 June 2025
    Opinion

    Beyond the box: why IT distribution depends on real partnerships

    2 June 2025

    South Africa’s next crisis? Being offline in an AI-driven world

    2 June 2025

    Digital giants boost South African news media – and get blamed for it

    29 May 2025

    Subscribe to Updates

    Get the best South African technology news and analysis delivered to your e-mail inbox every morning.

    © 2009 - 2025 NewsCentral Media

    Type above and press Enter to search. Press Esc to cancel.