Zero Trust Progress: The Best Defense Is a Good Offense

Business, As Usual, Is No Longer an Acceptable Cyber Defense

The way the adage goes is that the best defense is a good offense and in wake of the latest cybersecurity data breaches of Last Pass and Apple, the offense in question is facing deeper scrutiny. According to a NextGov report, most government agencies are ahead of corporations in adopting and implementing zero trust architecture with 72% of government organizations reported to already be implementing the framework in comparison to just 56% of companies. The data published within this report seems to suggest that businesses are viewing the transition to a zero-trust model as a lower priority and remain slow to act when it comes to the change. However, following the news of these recent, high-profile breaches and the release of this report, it seems to be in companies’ best interests to take the transitory leap sooner rather than later. Sai Huda, Chairman, CEO of CyberCatch and globally recognized risk and cybersecurity expert says that given the continuing and increasing cyber-attacks. Business, as usual, is no longer an acceptable cyber defense.

 

Zero Trust: A Journey to Optimal Cyber Security

As the threat landscape continues to evolve, Huda firmly believes that Zero Trust is a vital player in an optimal cyber security program.

“Zero trust is a journey to optimal cyber security. The ultimate objective of zero trust is to have a cyber security program in place that trusts no one and nothing and enforces continuous proofing to keep threat actors out and prevents data theft, ransomware, or other adverse outcomes,” Huda said.

The recent actions taken by federal agencies seem to indicate that they might agree.

President Joe Biden’s 2021 executive order claims that federal agencies have made “tremendous” progress toward implementing cybersecurity upgrades mandated and that the Cybersecurity & Infrastructure Security Agency (CISA) with the assistance of partner agencies has worked with the National Institute of Standards and Technology (NIST) to develop an inventory of critical software. This inventory includes placing strict development and security controls on software providers, according to written testimony from Eric Goldstein, executive assistant director for cybersecurity at CISA.

The data highlighted, indicates that agencies are making the transition to zero trust more quickly and completely than corporations are, so, naturally the status of just how far along the government has progressed in these initiatives has come under question. According to a data brief published in May 2022, by the end of the fiscal year, more than 50 federal agencies expect to have EDR Technology. These technology platforms can alert security teams of malicious activity and enable immediate investigation and containment of attacks on endpoints.

 

Current Cybersecurity Strategies

Biden’s executive order comes at a time when most organizations feel unprepared to defend themselves against cyber attacks. Based on the opinions of 400 IT professionals and leaders involved in their company’s cybersecurity strategy, Cybersecurity Dive found that almost one in five organizations is not prepared for a potential ransomware attack. About 15% of respondents said they were unprepared for an attack, either very unprepared or somewhat unprepared. The NextGov report along with the highly publicized data breaches of LastPass and Apple may serve as a signal to companies that it’s time to make the full transition to zero trust.

 

The Impact of Recent Data Breaches

Last Pass, a popular password manager system used by over 33 million people in the world, announced a recent data breach via their CEO Karim Toubba who wrote that “an unauthorized party gained access to portions of the LastPass development environment through a single compromised developer account and took portions of source code and some proprietary LastPass technical information.” Those who use the platform were assured by Toubba that their password vaults remained uncompromised, with the company claiming: “We have seen no evidence that this incident involved any access to customer data or encrypted password vaults”.

Although Last Pass hasn’t been immune to hackers before; in 2021, it faced a similar conundrum when credential stuffing was reported, putting master passwords and usernames at risk.

In a similar fashion, tech company Apple suffered a recent cyber attack that left the company warning its users of security flaws with the potential for serious exploitation from hackers. If successful, hackers could potentially gain full admin access to devices: the iPhone6S and later models; several models of the iPad, including the 5th generation and later, all iPad Pro models and the iPad Air 2; and Mac computers running macOS Monterey.

 

What Can We Learn From This Report?

Why should businesses pay attention to this report? Huda believes that CISA is expected to issue the final zero trust maturity model soon.

“CISA is expected to issue the final zero trust maturity model anytime now. But in the meantime, all federal agencies, federal contractors, and the rest of the supply chain and the industry should implement the prescribed cybersecurity controls and proactively mitigate cyber risk,” Huda said.

“The zero trust maturity model will become the law of the land soon. Thus It is necessary to stay one step ahead of the threat actors and keep our nation and businesses safe.”

Until then, what is his recommendation? Implementing cybersecurity controls and proactively mitigating cyber risk should be a priority for all federal agencies, federal contractors, and all other sectors and supply chains.

Follow us on social media for the latest updates in B2B!

Image

Latest

security
Securing the Future: AtlasIED Unveils Advanced Security Audio Solutions at ISC West 2025
July 19, 2025

At ISC West 2025, AtlasIED is set to make waves once again—this time with a seamless blend of legacy expertise and forward-thinking innovation. As security demands evolve to encompass smarter, more communicative environments, the company’s unveiling of a VoIP commercial-grade doorbell is more than a product launch—it’s a nod to the increasingly interconnected nature of…

Read More
audio
Innovation That Listens: AtlasIED’s Product Favorites Reflect Audio Evolution
July 19, 2025

In the world of commercial audio, true innovation often hides in plain sight—camouflaged as a rock or embedded seamlessly in a ceiling. At AtlasIED, favorite products like the Atmosphere AZMP series and the discreet yet powerful AS Series outdoor speakers speak volumes about the company’s engineering focus: smart design meets acoustic excellence. These aren’t just…

Read More
work
The Soundtrack of Productivity: What AtlasIED Pros Play While They Work
July 18, 2025

At AtlasIED, where sound is the business, it’s no surprise that the background noise of the workplace is as diverse as the employees themselves. From jazz and classical to country and hard rock, team members curate their own personal soundscapes to fuel focus and creativity. Some opt for instrumental tunes to maintain mental clarity, while…

Read More
AI
AtlasIED Behind the Scenes: Redefining Support with AI and Human Assistants
July 18, 2025

In the age of AI, the question isn’t whether technology can replace humans—it’s whether it should. At AtlasIED, that debate goes beyond the theoretical, delving into how businesses can balance the efficiency of AI with the empathy and nuance of human touch. While AI assistants offer lightning-fast scheduling and data retrieval, human assistants bring judgment,…

Read More