Skip to content
MarketScale
‹ Back to IndustriesSoftware & Technology

Zero Trust Progress: The Best Defense Is a Good Offense

Business, As Usual, Is No Longer an Acceptable Cyber Defense The way the adage goes is that the best defense is a good offense and in wake of the latest cybersecurity data breaches of Last Pass and Apple, the offense in question is facing deeper scrutiny. According to a NextGov report, most government agencies are…

This story was produced through MarketScale. See how Software & Technology teams put it to work with Executive Thought Leadership.

By Software And Technology ·
Share

Key takeaways

01

Business, As Usual, Is No Longer an Acceptable Cyber Defense The way the adage goes is that the best defense is a good offense and in wake of the latest cybersecurity data breaches of Last Pass and Apple, the offense in question is facing deeper scrutiny.

02

According to a NextGov report, most government agencies are…

Business, As Usual, Is No Longer an Acceptable Cyber Defense

The way the adage goes is that the best defense is a good offense and in wake of the latest cybersecurity data breaches of Last Pass and Apple, the offense in question is facing deeper scrutiny. According to a NextGov report, most government agencies are ahead of corporations in adopting and implementing zero trust architecture with 72% of government organizations reported to already be implementing the framework in comparison to just 56% of companies. The data published within this report seems to suggest that businesses are viewing the transition to a zero-trust model as a lower priority and remain slow to act when it comes to the change. However, following the news of these recent, high-profile breaches and the release of this report, it seems to be in companies’ best interests to take the transitory leap sooner rather than later. Sai Huda, Chairman, CEO of CyberCatch and globally recognized risk and cybersecurity expert says that given the continuing and increasing cyber-attacks. Business, as usual, is no longer an acceptable cyber defense.

Zero Trust: A Journey to Optimal Cyber Security

As the threat landscape continues to evolve, Huda firmly believes that Zero Trust is a vital player in an optimal cyber security program.

“Zero trust is a journey to optimal cyber security. The ultimate objective of zero trust is to have a cyber security program in place that trusts no one and nothing and enforces continuous proofing to keep threat actors out and prevents data theft, ransomware, or other adverse outcomes,” Huda said.

The recent actions taken by federal agencies seem to indicate that they might agree.

President Joe Biden’s 2021 executive order claims that federal agencies have made “tremendous” progress toward implementing cybersecurity upgrades mandated and that the Cybersecurity & Infrastructure Security Agency (CISA) with the assistance of partner agencies has worked with the National Institute of Standards and Technology (NIST) to develop an inventory of critical software. This inventory includes placing strict development and security controls on software providers, according to written testimony from Eric Goldstein, executive assistant director for cybersecurity at CISA.

The data highlighted, indicates that agencies are making the transition to zero trust more quickly and completely than corporations are, so, naturally the status of just how far along the government has progressed in these initiatives has come under question. According to a data brief published in May 2022, by the end of the fiscal year, more than 50 federal agencies expect to have EDR Technology. These technology platforms can alert security teams of malicious activity and enable immediate investigation and containment of attacks on endpoints.

Current Cybersecurity Strategies

Biden’s executive order comes at a time when most organizations feel unprepared to defend themselves against cyber attacks. Based on the opinions of 400 IT professionals and leaders involved in their company’s cybersecurity strategy, Cybersecurity Dive found that almost one in five organizations is not prepared for a potential ransomware attack. About 15% of respondents said they were unprepared for an attack, either very unprepared or somewhat unprepared. The NextGov report along with the highly publicized data breaches of LastPass and Apple may serve as a signal to companies that it’s time to make the full transition to zero trust.

The Impact of Recent Data Breaches

Last Pass, a popular password manager system used by over 33 million people in the world, announced a recent data breach via their CEO Karim Toubba who wrote that “an unauthorized party gained access to portions of the LastPass development environment through a single compromised developer account and took portions of source code and some proprietary LastPass technical information.” Those who use the platform were assured by Toubba that their password vaults remained uncompromised, with the company claiming: “We have seen no evidence that this incident involved any access to customer data or encrypted password vaults”.

Although Last Pass hasn’t been immune to hackers before; in 2021, it faced a similar conundrum when credential stuffing was reported, putting master passwords and usernames at risk.

In a similar fashion, tech company Apple suffered a recent cyber attack that left the company warning its users of security flaws with the potential for serious exploitation from hackers. If successful, hackers could potentially gain full admin access to devices: the iPhone6S and later models; several models of the iPad, including the 5th generation and later, all iPad Pro models and the iPad Air 2; and Mac computers running macOS Monterey.

What Can We Learn From This Report?

Why should businesses pay attention to this report? Huda believes that CISA is expected to issue the final zero trust maturity model soon.

“CISA is expected to issue the final zero trust maturity model anytime now. But in the meantime, all federal agencies, federal contractors, and the rest of the supply chain and the industry should implement the prescribed cybersecurity controls and proactively mitigate cyber risk,” Huda said.

“The zero trust maturity model will become the law of the land soon. Thus It is necessary to stay one step ahead of the threat actors and keep our nation and businesses safe.”

Until then, what is his recommendation? Implementing cybersecurity controls and proactively mitigating cyber risk should be a priority for all federal agencies, federal contractors, and all other sectors and supply chains.

About the author

SA
Software And Technology

Software & Technology: are you visible to AI?

Before they reach out, Software & Technology buyers ask AI engines which vendors to trust. See how AI describes your company today, and where competitors show up instead.

Free workspace

You just read one expert. Imagine publishing your whole team.

This article was produced through MarketScale. Create a free workspace and turn your own team's expertise into articles, video, and social posts. No credit card, no demo required.

NPS +73 · 1,000+ creators · 38+ countries

What you get, free

Your own MarketScale Studio workspace
One video edit a month, on us
AI writing, editing, and publishing tools
In-platform coaching to learn the system

More Software & Technology Insights

Accenture and Google Cloud launch agentic AI suite for midmarket companies under $3B in revenue

Accenture and Google Cloud launch agentic AI suite for midmarket companies under $3B in revenue

Accenture and Google Cloud are collaborating to offer pre-built agentic AI tools aimed at midmarket companies with revenues under $3 billion. This initiative seeks to address the enterprise-scale pressures these smaller firms face by providing tailored AI solutions. The collaboration emphasizes enhancing digital capabilities for businesses that are often caught between large-scale and economy-sized challenges.

  • 01Accenture and Google Cloud offer AI tools to midmarket companies.
  • 02The initiative targets firms with less than $3 billion in revenue.
  • 03It aims to enhance digital capabilities amid enterprise challenges.

Jul 7, 2026

Enterprise AI's adoption gap: investment is up, but security, data, and accountability are lagging

Enterprise AI's adoption gap: investment is up, but security, data, and accountability are lagging

Enterprise investments in AI are rising, with 86% of C-suite executives increasing their budgets. Despite this, only 32% report a sustained impact from these investments. New threats like prompt injection and shadow AI are contributing to the challenges.

  • 0186% of C-suites are increasing AI investment.
  • 02Only 32% report sustained impact from AI investments.
  • 03Prompt injection and shadow AI are emerging as new threats.

Jul 7, 2026

Apple Spent Years Insourcing Chips. It Just Locked Broadcom In Through 2031.

Apple Spent Years Insourcing Chips. It Just Locked Broadcom In Through 2031.

Apple extended its supplier agreement with Broadcom through 2031 for custom wireless and networking chips, choosing to lock in a critical supplier rather than insource these components despite years of vertical integration efforts. The deal reflects a broader supply-chain lesson: securing long-term contracts with specialized suppliers reduces volatility and risk more effectively than pursuing complete vertical integration.

  • 01Vertical integration has limits; even well-resourced companies benefit from locking in specialized suppliers over attempting to build everything in-house
  • 02Long-term supplier contracts reduce planning uncertainty for both parties, particularly when one customer represents 20 percent of supplier revenue
  • 03Demand for bespoke silicon designed for specific buyers is becoming central to semiconductor business, making strategic supplier relationships more valuable than transactional ones

Jul 7, 2026

Explore More Software & Technology Insights

Read more expert perspectives from across Software & Technology.

Browse Software & Technology Hub

About the Expert

SA
Software And Technology