{"id":141524,"date":"2021-09-13T06:00:43","date_gmt":"2021-09-13T13:00:43","guid":{"rendered":"https:\/\/www.paloaltonetworks.com\/blog\/?p=141524"},"modified":"2021-10-12T01:19:41","modified_gmt":"2021-10-12T08:19:41","slug":"zero-trust-answers-top-questions","status":"publish","type":"post","link":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/2021\/09\/zero-trust-answers-top-questions\/","title":{"rendered":"Zero Trust: Short Answers to Agencies\u2019 Top Questions"},"content":{"rendered":"

Government agencies have been stepping up efforts to adopt a Zero Trust architecture since May, when President Biden signed the Executive Order on Improving the Nation\u2019s Cybersecurity<\/a>. Many of these agencies and other organizations in the public sector were already laying the groundwork for Zero Trust before the Executive Order as part of their digital transformation journey, which includes rebuilding and improving their security approach.<\/p>\n

We know that there are still a lot of questions about Zero Trust and that agencies may be wondering what it means to deploy a Zero Trust Enterprise approach with help from Palo Alto Networks. We thought we would lay out a few need-to-know basics about Zero Trust for agencies to keep in mind as they move forward in their cybersecurity journey.<\/p>\n

<\/a>What Is Zero Trust?<\/h2>\n

By definition, Zero Trust is a strategic approach to cybersecurity that secures an organization by eliminating implicit trust and continuously validating every stage of a digital interaction.<\/p>\n

The core idea of Zero Trust is to \u201cnever trust, always verify.\u201d Organizations can no longer inherently trust whatever is inside their security perimeter. As the perimeter has evolved and IT environments have become far more complex, organizations must continually authenticate, authorize and verify who and what can access an environment to grant \u201cleast privilege\u201d access. Authorization is based on who or what is requesting access, the context of the request and the risk level.<\/p>\n

Deployed properly, Zero Trust is a strategic approach to cybersecurity that simplifies risk management to a single use case: the removal of all implicit trust for users, applications and infrastructure.<\/p>\n

<\/a>What Is the Value of Adopting a Zero Trust Strategy?<\/h2>\n

Zero Trust is a way for government agencies and other organizations to build resilience into their IT networks and environments. With Zero Trust as a strategic framework for guiding the agency\u2019s security approach, the agency can keep moving forward with its mission, even if its environment is compromised.<\/p>\n

Zero Trust can also serve as a North Star to guide an organization\u2019s future security investments. Whatever the threat du jour may be, it won\u2019t be the force driving the agency\u2019s decision-making around security spending. By moving to Zero Trust, an organization can lower its costs in several ways:<\/p>\n