The road to Zero Trust not necessarily paved with gold

Issue 5 2023 Editor's Choice, Access Control & Identity Management, Information Security

As discussed in my first article in this series, whilst Zero Trust must be the goal, there are a few potholes to navigate on the journey. Let me expand slightly more on these caveats, but also expose the greatest ally of Zero Trust.


Paul Meyer.

Peer to peer (P2P) technologies – prevalent in the late 1990s and very popular at that time – present another challenge in the road to Zero Trust.  These technologies were widely used across enterprise workforces and are known to be inadvertently capable of counteracting the principles of Zero Trust, particularly in Windows 10. Unless stringent Windows update sharing configurations are in place, P2P settings in this environment can inadvertently enable unauthorised lateral movement, exposing sensitive data.

Another potential weak point for Zero Trust implementations is the adoption of mesh network technology, where the trust model is built on keys or passwords and thus lacking the dynamic authentication necessary for robust Zero Trust setups.  Relying entirely on keys or passwords for access has been proven to be unsuccessful – all one has to do is to look at recent high profile breaches that highlight the hazards of this approach. Such protocols can easily be exploited by today’s highly tech savvy cyber criminals who appear to gain unrestricted access to sensitive resources with ease.

The ever expanding attack surface

Above are just some of the stumbling blocks to the implementation of Zero Trust, and if one adds the endpoint explosion through the internet of everything, the challenges are exponentially multiplied. For example, IoT is a major consideration for industries that already use a huge number of connected devices in their daily environments, as well as industries where this change is imminent.

There is not enough scope in this article to continue ad nauseam to outline the hurdles, and yet reveal how all can be conquered. But before I move to the positive, I must briefly touch on the all-important matter of regulatory compliance. New requirements are constantly emerging as legislators  struggle to keep pace with the latest trends and technologies, but the bottom line is that enterprises must also keep pace or risk the consequences of cyber breaches, namely reputational damage, hefty fines and operational downtime.

If, in reading this you are throwing your hands in the air and wondering just how much more difficult implementing Zero Trust can be, let me relieve some anxiety by noting that organisations tackling endpoint explosion can look to the cloud as a Zero Trust ally. Critical data can be taken off the endpoint and put in the cloud, making it impossible for cyber criminals who cannot get information from the endpoint if it is not there in the first place.

Connecting to the cloud can provide better protection and visibility into traffic as it replaces connecting to head office, for example for remote employees. Zero Trust can be enforced through the cloud without inserting a firewall in front of every resource. This approach reduces the opportunity for attack as it simplifies the architecture.

The only certainty is change

Just as technology constantly changes, cybersecurity also continually evolves. The sophistication of technology change keeps pace with that of cyber threats, with risk escalating in step with the amount of data requiring protection. As you are no doubt aware, we are creating more information than we ever have before, and conversely, less than we will in the future. This is where the cloud comes into the picture again.

The consumer space well and truly embraced the cloud, using it to store data about their entire lives – including their most sensitive personal information. Although businesses have been somewhat slower to adjust, there are changes in this pattern as companies are seen to be adopting the cloud en masse with 94% of enterprises utilising at least one cloud service and an estimated 83% of all enterprise workloads said to be in the cloud.

So, while the cloud has disrupted traditional cybersecurity, it has great ability to enable Zero Trust security in the era of information overload. It is only in the cloud that big data and analytics can be leveraged over huge networks of endpoints to predict and manage threats in real time. Only the cloud can be updated effortlessly and automatically with the latest security upgrades, keeping it a step ahead.  The more pervasive cloud becomes, the better it can mobilise to confront threats as soon as they emerge.

In conclusion

The path to Zero Trust is challenging, but with a clear vision, strong partnerships, and a commitment to security excellence, organisations can fortify defences against the relentless tide of cyber threats. To do this, businesses must embrace cutting-edge solutions that align seamlessly with their changing security needs, enabling them to remain resilient in the face of ever-evolving cybersecurity threats.

Paul Meyer is a Security Solutions Executive at iOCO Tech. He has over two decades of experience in IT Security technology covering application, identity, perimeter and endpoint security. He commenced his career as a Security Engineer Team Lead and has held senior positions with multiple security vendors and ICT service providers in South Africa.

In May 2022, Paul was appointed to the role of Security Solutions Executive at iOCO, where he is responsible for identifying, learning and bringing security solutions to market. The role is strongly focused on technically supporting the sales process and managing vendor relations.




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

South African fire standards in a nutshell
Fire & Safety Editor's Choice Training & Education
The importance of compliant fire detection systems and proper fire protection cannot be overstated, especially for businesses. Statistics reveal that 44% of businesses fail to reopen after a fire.

Read more...
The growing role of hybrid backup
Infrastructure Information Security
As Africa’s digital economy rapidly grows, businesses across the continent are facing the challenge of securing data in an environment characterised by evolving cyberthreats, unreliable connectivity and diverse regulatory frameworks.

Read more...
Choicejacking bypasses smartphone charging security
News & Events Information Security
Choicejacking is a new cyberthreat that bypasses smartphone charging security defences to confirm, without the victim’s input or consent, that the victim wishes to connect in data-transfer mode.

Read more...
Most wanted malware
News & Events Information Security
Check Point Software Technologies unveiled its Global Threat Index for June 2025, highlighting a surge in new and evolving threats. Eight African countries are among the most targeted as malware leaders AsyncRAT and FakeUpdates expand.

Read more...
LidarVision for substation security
Fire & Safety Government and Parastatal (Industry) Editor's Choice
EG.D supplies electricity to 2,7 million people in the southern regions of the Czech Republic, on the borders of Austria and Germany. The company operates and maintains infrastructure, including power lines and high-voltage transformer substations.

Read more...
Standards for fire detection
Fire & Safety Associations Editor's Choice
In previous articles in the series on fire standards, Nick Collins discussed SANS 10400-T and SANS 10139. In this editorial, he continues with SANS 322 – Fire Detection and Alarm Systems for Hospitals.

Read more...
Wildfires: a growing global threat
Editor's Choice Fire & Safety
Regulatory challenges and litigation related to wildfire liabilities are on the rise, necessitating robust risk management strategies and well-documented wildfire management plans. Technological innovations are enhancing detection and suppression capabilities.

Read more...
SMARTpod talks to Sophos and Phishield
SMART Security Solutions Technews Publishing Sophos Videos Information Security News & Events
SMARTpod recently spoke with Pieter Nel, Sales Director for SADC at Sophos, and Sarel Lamprecht, MD at Phishield, about ransomware and their new cyber insurance partnership.

Read more...
Cybersecurity and insurance partnership for sub-Saharan Africa
Sophos News & Events Information Security Security Services & Risk Management
Sophos and Phishield Announce first-of-its-kind cybersecurity and insurance partnership for sub-Saharan Africa. The SMARTpod podcast, discussing the deal and the state of ransomware in South Africa and globally, is now also available.

Read more...
Nice unveils MyNice Smartgo
News & Events Access Control & Identity Management
Nice SA has announced the release of MyNice Smartgo, a compact access automation solution, designed specifically for the South African market, combining an easy-to-install device with a user-friendly smartphone application.friendly smartphone application.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.