The New Shape of Zero Trust
Security no longer starts and ends at the network edge. This infographic outlines how a modern Zero Trust approach replaces perimeter-based thinking with continuous verification, least-privileged access, and an assume breach mindset. View the infographic to learn the basics of Zero Trust.
What is Zero Trust in the AI age?
Zero Trust is a cybersecurity philosophy that starts from one core assumption: treat everything as a potential threat. In a world where data is spread across clouds, devices, apps, and AI systems, there is no single perimeter to defend anymore.
Instead of trusting users, devices, or apps just because they are “inside” your network, Zero Trust requires you to:
- Continuously verify who or what is requesting access.
- Limit access to only what is needed, when it’s needed.
- Operate as if a breach has already happened and design controls accordingly.
This mindset is becoming more important as attacks grow in volume and sophistication. For example, organizations are seeing a sharp jump in password attacks per day since 2021 and a notable increase in human-operated ransomware attacks from 2022 to 2023. These trends are also driving a projected cost increase for total attacks by 2028.
In the AI age, Zero Trust also means using AI to identify threats and risks faster, adapt in real time, and dynamically adjust security policies and controls across identities, endpoints, networks, data, apps, and infrastructure.
What are the core principles of Zero Trust?
Zero Trust is built on three simple principles that guide how you design and operate security:
- Verify explicitly
Continuously authenticate and authorize every access request, using all available signals (identity, device health, location, behavior, and more). This is where tools like multifactor authentication (MFA) and single sign-on (SSO) come in. Organizations that apply this principle see better protection for customer data, stronger access and authentication security, and safer remote work.
- Use least-privileged access
Give users and workloads only the access they need, and only for as long as they need it. Techniques like just-in-time (JIT) and just-enough-access (JEA) help reduce the impact if an account is compromised and limit lateral movement inside your environment.
- Assume a breach
Design your environment as if attackers are already inside. This means segmenting networks, tightening controls around sensitive data, and planning for rapid detection, investigation, and response. It also means continuously monitoring and improving your security posture.
Together, these principles help organizations rethink how they secure identities, devices, networks, data, and applications in a boundary-less, AI-driven environment.
How do we start applying Zero Trust across our environment?
Zero Trust is not a single product or tool. It is not:
- Not a product
- Not a single technology
- Not just a process
It is a framework and approach that you apply across your digital estate. A practical way to get started is to focus on these areas:
- Identities (human and non-human)
Strengthen authentication with MFA and SSO. Use AI-enhanced policy optimization to continuously refine access rules. Incorporate governance, compliance, and security posture assessment to keep identities aligned with business and regulatory needs.
- Endpoints (corporate and personal devices)
Manage and monitor all devices that access your data. Apply Zero Trust policy evaluation and enforcement, device compliance checks, and risk assessment. Use traffic filtering and segmentation to limit exposure if a device is compromised.
- Network (public and private)
Reduce reliance on broad, perimeter-based controls like traditional VPNs. Instead, segment traffic and apply adaptive access controls. Use AI-enhanced cyberthreat protection, continuous assessment, threat intelligence, forensics, and response automation.
- Data (emails, documents, structured data)
Classify, label, and protect data at rest, in motion, and in use. Use AI to better classify, label, and encrypt sensitive information so that protection follows the data wherever it goes.
- Applications (SaaS, on-premises, internal sites)
Simplify and secure access to cloud, mobile, and on-premises apps for all authorized users. Apply runtime controls, JIT access, and version control to reduce risk.
- Infrastructure (on-premises, cloud, hybrid)
Automate protection and security management across IaaS, PaaS, containers, and serverless. Use telemetry analytics and adaptive access to continuously improve defenses.
Microsoft provides a Zero Trust architecture that brings these elements together, along with tools like Microsoft Copilot for Security (generally available April 1, 2024) to help you use AI for faster detection, investigation, and response. The key is to start with your highest-risk areas, apply the three Zero Trust principles, and then expand coverage across identities, endpoints, networks, data, apps, and infrastructure.
The New Shape of Zero Trust
published by Definitive Solutions
Definitive Solutions was founded in 1999 by Peter Meade who has over 30 years in the IT industry. We deliver IT managed services, cloud and security solutions to our SMB and Enterprise clients throughout Ireland and Internationally.
We are not just another MSP; our technical skill is given, but our success has been built on the ethos of trust and our focus is always on building strong relationships. Our approach is to really understand our clients’ business challenges and goals, and implement bespoke technology products and services which meet their unique business requirements.
As an independent private company, you can trust us to give impartial advice. We stand over every product and service we recommend and will only offer the right solutions for our clients. There is no such thing as ‘one size fits all’.
Our focus on professional trust and relationships does not just apply to our long-established clients; it continues within our dedicated team, evidenced by one of the strongest retention rates in the industry, and with our partners.
All of the growth and success our business has enjoyed is a result of our outstanding team of people and we all share a passion for providing the best customer experience.
Our clients range across all industry verticals including financial services, public sector, distribution, pharma and charities. Many of our clients operate within highly regulated industries, and adhere to strict compliance and regulation standards and we work closely with them to ensure their technology strategy is aligned with their compliance responsibilities.
Sign in with LinkedIn