Why We’re Backing the Shift to Zero Trust
Cyber Attacks on the Rise Within a New, Convoluted Network
Ransomware cyberattacks increased by an eye-popping 105% last year.¹ Now, more than ever, organizations of all shapes and sizes need to rethink their approach to cybersecurity. Historically, CISOs operated under a “trust but verify” framework; once inside an organization’s network, users and endpoints were trusted and granted access.
But with digital transformation initiatives moving companies’ network infrastructure to the cloud, hybrid work increasing the number of connected devices, and an increased reliance on third party apps and organizations, defining and maintaining a network perimeter has become increasingly difficult. The old “trust but verify” approach no longer makes sense.
Where to Next? Changing the Security Paradigm
In 2010, Forrester Research analyst John Kindervag coined the phrase “Zero Trust.” Forget basing everything off the delineation between inside and outside the network, this framework posits; instead, security should be designed as if there is no safe, trusted network. Don’t trust any device, user, or application by default, no matter where it resides.
While the concept of Zero Trust is no longer new, we think the trends outlined above make solutions that help organizations shift to Zero Trust poised to rapidly gain market share and importance within the cybersecurity stack over the next decade.
Unfortunately, there’s no silver bullet solution that will take an organization from the old framework to Zero Trust nirvana. Zero Trust requires organizations to procure several types of cybersecurity solutions that enable the continuous validation of users, identities, and activities.
Below are some examples
- Single sign-on: Authentication and authorization solutions that enable users to access several enterprise applications with one set of login credentials improve efficiency while helping ensure secure access.
- Identity and access management: Tools that help organizations quickly identify their customers’ and employees’ identity are a critical layer of security in the world of Zero Trust.
- Privileged access management: As organizations grow, it becomes increasingly critical to have centralized tools to manage authorization and governance based on a user’s roles and responsibilities.
Investing Behind Zero Trust Enablers
Here at Volition, we have been fortunate to partner with cybersecurity companies early in their growth journey to becoming market leaders like PingID, Securonix, and Black Kite. We are excited to invest behind the next generation of innovators making enterprises more secure by helping them on their journey to Zero Trust.