In 2009, Forrester introduced the term Zero Trust as a set of concepts geared to network security and rooted in the idea that the trust model of security needed to evolve. Since then, marketing hype has co-opted the term creating confusion and misunderstanding about the actual definition of Zero Trust and driving skepticism about its practical, real-world implementation.
In this report, Forrester recounts the evolution from 2009’s focus on network segmentation to today’s view that “data protection is the heart of Zero Trust.” Forrester guides organizations to a framework and key principles for their Zero Trust initiatives. Some of the guidance includes:
• Frameworks enable organizations to get to Zero Trust
• Align to business drivers
• Scope your Zero Trust initiative
Security and risk professionals can use this report to cut through the noise to define what Zero Trust is, what it is not, and what you can do to implement Zero Trust into your organization.