There is no single, clear path to zero trust (ZT). The path varies according to an organization’s maturity and its regulatory and compliance demands. A CISO might focus on establishing an action plan, on the steps needed to translate that plan into action, or on the action itself. The path to ZT spans all these areas and should also incorporate the ability to harvest benefits and learnings, reset priorities and objectives, and progress incrementally towards a zero trust vision.
An organization’s current maturity levels and/or business priorities shape its perceptions of the path to zero trust. Stratascale research identified three distinct phases and 10 discrete steps that will help CISOs as they define a multi-year approach to ZT strategy development and refinement. The path starts with “GOHIO” (Get Our House in Order), ensuring that the business has the core capabilities needed to embark on the ZT journey. It then proceeds through three stages:
- Foundational activities that establish ZT priorities and objectives.
- Transitional initiatives that bridge from high-level strategy to substantive ZT process and technology rollouts.
- A deploy, monitor, and evolve stage that includes first steps, instrumentation, incremental deployment, and continuous improvement.