Cybersecurity In-Depth: Getting answers to questions about IT security threats and best practices from trusted cybersecurity professionals and industry experts.

Why Should I Adopt a Zero-Trust Security Strategy?

Zero-trust is the right approach for protecting your end users. Executing it in the right way will also help you comply with NIST standards and upcoming federal mandates.

Ash Devata, General Manager, Cisco Zero Trust and Duo Security

November 23, 2021

2 Min Read
A chip marked 'caution' on the board.
Source: Denys Rudyi via Adobe Stock

Question: Why should I adopt a zero-trust security approach?

Ash Devata, general manager, Cisco Zero-trust and Duo Security: First and foremost, a zero-trust approach is the right thing to do for the security of the organization and the protection of your end users. The bottom line is that a zero-trust approach reduces risk and helps an organization comply with regulations, while also reducing friction for users. Zero-trust is a rare, simple solution that works much better than the complexity of the past.

A zero-trust security approach also can significantly reduce the risk of compromising access, limiting the blast radius if something bad were to happen. If a user’s access is compromised, with zero-trust the compromise is limited to a specific application or applications pertinent to that user only, not to your whole network. Imagine that you had 100,000 boxes. In a traditional security approach, you grant access to all of them. But taking a zero-trust approach, you can grant your user access to just one box and not the remaining 99,999.

A zero-trust security strategy will ultimately help in your company’s digital and remote workforce transformation. The hybrid and dispersed workforce is more mobile now than at any time in our history, which means users and devices are connecting to corporate networks from anywhere. This establishes trust in users and devices through authentication and continuous monitoring of each access attempt, while custom security policies that protect every application keep an organization’s infrastructure safe. This also greatly reduces friction for end users, making it easier and enabling them to do their jobs in the most efficient manner possible. It will also reduce your cybersecurity risks and make you compliant with the Biden administration executive order that recommends a zero-trust architecture to any organization that has a government contract to better address cybersecurity risks.

If you can execute a zero-trust approach – and do it in the right way – you’d automatically be complying with and aligned to those standards, getting ahead of the game before it becomes a definitive mandate for all applications and usages.

About the Author(s)

Ash Devata

General Manager, Cisco Zero Trust and Duo Security

Ash Devata is General Manager of Cisco Zero Trust, the most comprehensive platform to secure access for any user, from any device, to any IT application or environment. Ash leads product strategy, engineering, design, and operations functions for Zero Trust products within Cisco’s broader security portfolio, including the Duo business.

Prior to taking the helm of Cisco Zero Trust, Ash led product and go-to-market strategy for Duo, where he helped it grow into a worldwide business with more than 30,000 customers. Before Duo, Ash managed the enterprise solutions portfolio at RSA.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights