Zero-trust Is Warming Up

Implementation of zero-trust architecture is slowly but steadily gaining traction in a world where ransomware attacks are growing due to geopolitical conflicts as well as the development of artificial intelligence. A report by GlobalData says that a wider acceptance of zero-trust could happen over the next six months. 

The report goes on to explain that there would be no let up in cyberthreats, given their direct linkage with geopolitical conflicts of the kind being played out between Russia and Ukraine. David Bicknell, principal analyst of thematic intelligence at GlobalData says ransomware attacks would also be fuelled by the direct impact of AI-led interventions. 

Zero trust is essential in the AI-ML era

However, there is good news on the horizon. The zero-trust approach to security would provide companies better long-term damage limitation options, even against the most catastrophic of cyber attacks. This could happen within the next two to three years, Bicknell says, while noting that 2023 will be the year when organizations’ maturity levels would grow. 

He also notes that  zero-trust security can ensure all corporate application access is verified and authorized to strengthen attack defenses. Meanwhile, Amy DeCarlo, principal analyst of global IT hosted and managed services at GlobalData says, “Ongoing geopolitical tensions and related threats from both state-sponsored actors and related organized cyber criminals continue to loom large as organizations try to mount effective defenses against hackers.” 

Governments may have to kickstart the process

She also notes that zero-trust implementations will gain momentum as organizations seek to mirror work already done by entities such as the U.S. federal government. Readers may recall that the White House released a memo some months back that sought to move government agencies towards a zero-trust security approach. 

Close on its heels, the Department of Defense also came out with its zero-trust strategy and roadmap. However, when it comes to countries such as India, there is a growing awareness of the ZTNA (zero-trust network access) with almost a quarter of the large enterprises already implementing these solutions. A survey conducted last year with 250 respondents showed that almost 97% were aware of the challenges and sought ZTNA implementation, 

A zero-trust officer could be warranted

GlobalData also predicts that companies might soon appoint zero-trust officers to oversee its implementation through every possible option ranging from coaxing and cajoling to bullying the C-suite. Experts argue that without an officer in charge of this shift, companies may postpone their ZTNA implementation that could prove catastrophic. 

From a largely technical point of view, the report expects wider use of passkey as a replacement for passwords. The concept was introduced by the FIDO alliance that comprises big tech companies such as Apple, Microsoft and Google. Apple has already introduced the passkey feature at its WWDC event last year with the others expected to follow suit this year. 

Essentially, passkey is a cross-platform, general-use term that refers to a password replacement aimed at simplifying and security sign-ins and account registration for websites and apps across the entire gamut of devices that an individual may operate.