Search
00
GBAF Logo
trophy
Top StoriesInterviewsBusinessFinanceBankingTechnologyInvestingTradingVideosAwardsMagazinesHeadlinesTrends

Subscribe to our newsletter

Get the latest news and updates from our team.

Global Banking & Finance Review®

Global Banking & Finance Review® - Subscribe to our newsletter

Company

    GBAF Logo
    • About Us
    • Advertising and Sponsorship
    • Profile & Readership
    • Contact Us
    • Latest News
    • Privacy & Cookies Policies
    • Terms of Use
    • Advertising Terms
    • Issue 81
    • Issue 80
    • Issue 79
    • Issue 78
    • Issue 77
    • Issue 76
    • Issue 75
    • Issue 74
    • Issue 73
    • Issue 72
    • Issue 71
    • Issue 70
    • View All
    • About the Awards
    • Awards Timetable
    • Awards Winners
    • Submit Nominations
    • Testimonials
    • Media Room
    • FAQ
    • Asset Management Awards
    • Brand of the Year Awards
    • Business Awards
    • Cash Management Banking Awards
    • Banking Technology Awards
    • CEO Awards
    • Customer Service Awards
    • CSR Awards
    • Deal of the Year Awards
    • Corporate Governance Awards
    • Corporate Banking Awards
    • Digital Transformation Awards
    • Fintech Awards
    • Education & Training Awards
    • ESG & Sustainability Awards
    • ESG Awards
    • Forex Banking Awards
    • Innovation Awards
    • Insurance & Takaful Awards
    • Investment Banking Awards
    • Investor Relations Awards
    • Leadership Awards
    • Islamic Banking Awards
    • Real Estate Awards
    • Project Finance Awards
    • Process & Product Awards
    • Telecommunication Awards
    • HR & Recruitment Awards
    • Trade Finance Awards
    • The Next 100 Global Awards
    • Wealth Management Awards
    • Travel Awards
    • Years of Excellence Awards
    • Publishing Principles
    • Ownership & Funding
    • Corrections Policy
    • Editorial Code of Ethics
    • Diversity & Inclusion Policy
    • Fact Checking Policy
    Original content: Global Banking and Finance Review - https://www.globalbankingandfinance.com

    A global financial intelligence and recognition platform delivering authoritative insights, data-driven analysis, and institutional benchmarking across Banking, Capital Markets, Investment, Technology, and Financial Infrastructure.

    Copyright © 2010-2026 - All Rights Reserved. | Sitemap | Tags

    Editorial & Advertiser disclosure

    Global Banking & Finance Review® is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

    1. Home
    2. >Technology
    3. >Why Zero trust is the new norm (Why your IT experts expect a breach)
    Technology

    Why Zero Trust Is the New Norm (Why Your IT Experts Expect a Breach)

    Published by Jessica Weisman-Pitts

    Posted on September 26, 2022

    5 min read

    Last updated: February 4, 2026

    Add as preferred source on Google
    An illustration depicting the Zero Trust security model, emphasizing continuous verification and multi-layered protection. This image relates to the article discussing how Zero Trust is becoming essential in modern IT security strategies to prevent data breaches.
    Cybersecurity concept illustrating Zero Trust principles in IT security - Global Banking & Finance Review
    Why waste money on news and opinion when you can access them for free?

    Take advantage of our newsletter subscription and stay informed on the go!

    Subscribe

    Tags:securitycybersecuritytechnologyDigital transformationrisk management

    Quick Summary

    By Dan Conrad, Security and Management Team Lead at One Identity

    By Dan Conrad, Security and Management Team Lead at One Identity

    According to David Totten, CTO of Global Partner Solutions at Microsoft, Zero Trust has been defined as ‘a proactive, intentional integrated approach to multi-layers of security, focused on three essential principles: Explicit and continuous verification, a principle of least privilege, and intelligence and advanced metrics, identification and response.’

    Very few security terms and models have received the level of ‘buzzword’ status which Zero Trust has over the past few years. You would struggle to sit on a panel of security professionals in 2022 and not hear the term used by security and identity thinkers right across the spectrum.

    However, this ubiquitous status has not been acquired in a vacuum; the real-world situation around identity, security and authentication has forced Zero Trust into the mainstream, and with good reason.

    Zero Trust as the new normal

    There are several factors which have facilitated the Zero Trust revolution. Chief amongst these is mass migration to the cloud. Specifically, the move to public cloud systems, combined with a system of highly distributed, disparate set of corporate applications and associated access rights, which organizations have failed to understand fully. This identity sprawl creates a system which is totally lacking in defensive capabilities, and with access rights are everywhere.

    The second, undeniable factor at play is the everyday reality on the ground of data breaches. There is no more if; accepting that the breach will happen and attempting to minimize it needs to go hand in hand with preventing future breaches. A holistic model towards security works to prevent it, but expects their efforts to fail and so integrates multi-factor authentication and prevents lateral movement inside applications.

    This reality on the ground is typified by the increased number of entry points which the explosion in work and hybrid devices has facilitated. Microsoft’s CTO David Totten explained this on the recent Better Together podcast, stating that “over the last few years, people working remotely, people working from home, people working from different offices, whether it’s partners, customers, distributors, we want everyone to have more access to their information. However, what that does is it increases that threat vector ratio. In the context of a security posture, let’s make sure people get access to that data from wherever they are, but that obviously introduces complexity with the security model.”

    However, despite these obvious factors which should be a major driver of the Zero Trust model, uptake of Zero trust remains relatively low, with only 38% citing digital transformation as a reason for their move to, as opposed to a fully program. Why is this?

    Why are companies so slow to adapt their cybersecurity?

    Zero Trust heavily relies on an organization’s ability to accurately identify and classify the data it holds in each document, endpoint or system, and its ability to accurately identify and classify every user or system that may need to access that data. This can create logistical problems, with many organizations struggle with the basics of accurately identifying the number of systems they have and how they may be exposed. To further classify the data relating to those systems is a complex task that is realistically beyond the reach of most.

    Furthermore, the costs of Zero Trust are not just the products or services required to execute it effectively. The costs include the time the organization spends planning such a complex project, the time of every team in the organization to help classify their data and the time it takes for users to adapt their working ways to be compatible with a Zero Trust security strategy. Current business setups are overly permissive internally because it is just more straightforward and less costly for the business to operate this way

    Zero Trust has excellent value to more mature and agile organizations that can afford and need to invest highly in security to guarantee the continued success of their business. But for most, it could be seen as an unrealistic goal. This is the gap which security organizations’, practitioners and professionals need to bridge.

    Don’t get left behind

    Zero Trust is happening whether organizations are ready for adoption or not; the larger, more agile organizations are seeing to this. Grand View research suggests that “the global Zero Trust security market size was valued at USD 19.8 billion in 2020 and is expected to register a compound annual growth rate (CAGR) of 15.2% from 2021 to 2028. The proliferation of endpoint devices, coupled with the rising adoption of cloud technology, has triggered the need for implementing a Zero-Trust security framework.”.

    With the market expected to grow and keep growing. Failure to adapt to this change, or at least to ensure your systems are ready for the change, may mean that you fail to meet the demands of the ever-increasingly complicated authentication systems we’re all expected to navigate.

    What’s worse, failure to move appropriately with the teams could lead to your systems being viewed not only as outdated by your peers, and customers (who will increasingly demand security as a top priority), but also by threat actors looking to make the most of your inaction.

    About Author:

    Dan Conrad is a technology veteran who has spent the best part of the last decade keeping our online identities safe and secure at One Identity. In previous roles he has worked at Dell as a software consultant, and understands the importance of the digital identity to the modern enterprise better than most.

    Frequently Asked Questions about Why Zero trust is the new norm (Why your IT experts expect a breach)

    1What is Zero Trust?

    Zero Trust is a security model that requires strict identity verification for every person and device trying to access resources on a private network, regardless of whether they are inside or outside the network.

    2What is a data breach?

    A data breach is an incident where unauthorized individuals gain access to sensitive, protected, or confidential data, often leading to data theft or exposure.

    3What is multi-factor authentication?

    Multi-factor authentication (MFA) is a security mechanism that requires users to provide two or more verification factors to gain access to a resource, enhancing security.

    4What is identity sprawl?

    Identity sprawl refers to the uncontrolled growth of user identities and access rights across various systems and applications, making it difficult to manage security effectively.

    5What is the principle of least privilege?

    The principle of least privilege is a security concept where users are granted the minimum levels of access necessary to perform their job functions, reducing the risk of unauthorized access.

    More from Technology

    Explore more articles in the Technology category

    Image for Innovation Through Partnership: The Role of External Tech Teams
    Innovation Through Partnership: The Role of External Tech Teams
    Image for Nominations Open for Technology Awards 2026
    Nominations Open for Technology Awards 2026
    Image for Nominations Open for Innovation Awards 2026
    Nominations Open for Innovation Awards 2026
    Image for Archie earns industry recognition across G2, Capterra, and SoftwareReviews
    Archie Earns Industry Recognition Across G2, Capterra, and SoftwareReviews
    Image for The Bankaool Transformation: How a Regional Mexican Bank Became a Fintech Disruptor
    The Bankaool Transformation: How a Regional Mexican Bank Became a FinTech Disruptor
    Image for Submit Your Entry Today for Digital Banking Awards 2026
    Submit Your Entry Today for Digital Banking Awards 2026
    Image for Behavioral AI in Financial Services: Moving Beyond Automation Toward Human Understanding
    Behavioral AI in Financial Services: Moving Beyond Automation Toward Human Understanding
    Image for Submit Your Entry for Brand of the Year Awards Technology Bahrain 2026
    Submit Your Entry for Brand of the Year Awards Technology Bahrain 2026
    Image for Entries Now Open for Best Islamic Open Banking Burkina Faso APIs 2026
    Entries Now Open for Best Islamic Open Banking Burkina Faso APIs 2026
    Image for Entrepreneurial Discipline in the AI Economy: Insights from Dmytro Lavryniuk
    Entrepreneurial Discipline in the AI Economy: Insights From Dmytro Lavryniuk
    Image for Entries Now Open for Best New Digital Wallet Innovation Award 2026
    Entries Now Open for Best New Digital Wallet Innovation Award 2026
    Image for Call for Entries: Best Digital Wallet 2026
    Call for Entries: Best Digital Wallet 2026
    View All Technology Posts
    Previous Technology PostData Breaches in the Financial Sector
    Next Technology PostHow Artificial Intelligence Can Transform Finance Departments Seeking Agility