Greek philosopher Heraclitus said that the only constant in life is change. This philosophy holds true for securing enterprise network resources. Network security has been and is constantly evolving, often spurred by watershed events such as the 2017 NotPetya ransomware attack that crashed thousands of computers across the globe with a single piece of code. These events prompt changes in network architectures and the philosophies that underlie them.
Guidance to help enterprises transition and implement ZTA is coming from the private and public sectors. Startups (i.e., Breach View, Obsidian Security, HyperCube) are capitalizing on the trend to offer zero-trust-related services. On the public front, NIST published in February the second draft of special publication 800-207, Zero Trust Architecture. The following month, the National Cybersecurity Center of Excellence, which is part of NIST, mapped ZTA to the NIST Cybersecurity Framework and offered implementation approaches. Despite the guidance, ZTA is unlikely to find full-scale adoption because the principles of perimeter security may still be relevant for some enterprises.
Read more at: HelpNet Security