Cybersecurity philosophies have changed significantly over time to adapt to the changing needs of the organizations they serve. In the early days of cybersecurity, we focused on building boundaries between the “inside” and the “outside.” Users and devices that we trusted were placed inside network perimeters and granted largely unfettered access to systems and data within that environment. Those on the outside were untrusted and blocked from accessing sensitive resources. While that approach served us well for decades, it fails to meet the needs of increasingly mobile and cloud-focused organizations as well as increasingly sophisticated and covert threats and malware. The evolution of the perimeter of the network has made it difficult to draw lines between “inside” and “outside” effectively.
Zero-trust architecture (ZTA) represents a philosophical shift in cybersecurity planning that seeks to address this limitation by making trust decisions based on the identity of a user or device, rather than the location.