The traditional approach to cybersecurity builds a “fence” of safety around networks that give access to essential business assets so bad actors cannot break in and introduce malware and ransomware. This is often called perimeter security. There are flaws in this approach, however. No matter how secure the gateway, once through, the hacker has access to everything behind the firewall. In addition, the network perimeter has blurred in recent years, going beyond the traditional enterprise perimeter to accommodate remote work and SaaS applications.
Strategies such as multi-factor authentication (MFA) have strengthened the gateway, and that has been important, but those strategies have not resolved the danger in diverse networks. It may take more work to get through, but once inside, hackers can move laterally across the network and introduce ransomware or steal information.
Albert Einstein said that, “Problems cannot be solved with the same mindset that created them.” ZT is a different mind set that approaches security differently.
Perimeter security assumes a user or connection is trustworthy until security systems flag a breach. ZT in its purest form assumes that attackers are always close by, and that whether it is within the enterprise perimeter or not, no connection attempt is secure until it is authenticated.