The concept of Zero Trust has been a source of confusion and interest for IT and cybersecurity professionals for almost two decades. It has been described as a vulnerability, a decision, a mindset, and even a paradigm shift. Its definition is hard to pin down, but it underpins various technologies. So, what exactly is Zero Trust? Where did it come from, and what does its future hold? Is it a passing trend or a significant change in cybersecurity? Can it protect infrastructures like the Internet of Things?
These questions are the focus of the Zero Trust Special Interest Group (ZTSIG), led by Cameron Bell of Condatis, a respected figure in the cybersecurity and identity fields. The ZTSIG, a grassroots initiative on LinkedIn, aims to connect cybersecurity experts, innovators, and end-users in sectors such as Central Government, Critical National Infrastructure, and National Security. This platform facilitates the exchange of ideas and advancements in cybersecurity best practices.
The ZTSIG promotes the adoption of Zero Trust principles and holds an annual conference in London. Guided by an Industry Advisory Board, the ZTSIG includes esteemed UK cybersecurity experts like Edmund Sutcliffe, Professor Bill Buchannan OBE, and Sian John MBE. The group also receives support from techUK, a Technology Trade Association in the UK, which advocates for technology’s role in shaping a better future for society and the planet.
As the Chairperson of the ZTSIG Industry Advisory Board, I am introducing a thought-provoking whitepaper titled “Zero Trust: Yesterday, Today & Beyond”, available on LinkedIn. The paper examines the evolution of Zero Trust, exploring its historical principles, lessons learned, and the challenges and implications of transitioning to a Zero Trust architecture in light of emerging trends. It serves as a guide for IT and cybersecurity professionals, revisiting the often-neglected history of IAM and proposing a path for Zero Trust’s future, along with recommendations for initiatives and potential solutions.
The establishment of the ZTSIG marks the start of a much-needed discussion about the true merits, risks, costs, and future development of Zero Trust and IAM as a whole. Zero Trust has become a popular marketing term, and it is expected to remain relevant, much like corporate network perimeters, which were thought to be obsolete but are still prevalent. According to Gartner, by 2026, 10% of large enterprises will have a fully implemented and measurable Zero Trust program. We are embarking on a long and costly journey to create a secure IAM framework in an increasingly open and collaborative network ecosystem.
The debate will delve into the risks associated with Zero Trust, the business case for its adoption, the future of IAM, the effectiveness of emerging AI-driven technologies, and the development of security architectures. The ZTSIG invites you to join the conversation and contribute to a collective understanding of Zero Trust as we shape its future.
Be a part of shaping the trajectory of Zero Trust in the cybersecurity landscape. Join the discussion today.
David Lacey, former CISO, Infosec innovator, and founder of the Jericho Forum, is widely recognized as the Grandfather of Zero Trust.