The Zero Trust Integrity Dilemma for Cybersecurity Marketers
As we marketers navigate the intricacies of this cybersecurity discipline, the question that arises is:” What are the best practices when claiming to provide a Zero Trust security solution, and how to do so with integrity?”
Driven by cybercrime’s increasing scale and severity, technologies that help form a Zero Trust platform are in high demand. In a study conducted by Dr. Chase Cunningham, a leading voice in the development of Zero Trust since its inception, “ 2021 Zero Trust Market Dynamics,” 93% of security and risk professionals indicated that their company sees Zero Trust as necessary for their businesses. In a Deloitte poll published in September 2020, 37.4% of professionals at organizations adopting Zero Trust say COVID-19 has accelerated their organizations’ Zero Trust adoption efforts. And an additional 35.2% say the pandemic is not slowing down their plans to adopt.
Not only is cybersecurity a corporate priority, but also a matter of national security. In May of 2021, the Biden administration issued a new "Executive Order on Improving the Nation's Cybersecurity.” Zero Trust plays an integral role in protecting this modernization effort, becoming the critical cybersecurity strategy recommended within President Biden's executive order. The EO states explicitly that federal agencies must implement Zero Trust architectures internally and begin preparing for future Zero Trust-based cloud computing environments.
The concept of Zero Trust can be traced back to the Jericho Forum, an international group founded in January 2004. The group’s goal was to establish a security framework to handle the effect of cloud computing. In 2010, John Kindervag, an analyst at Forrester Research, coined "Zero Trust.” ZT is a holistic approach to securing modern organizations based on least-privileged access and the principle that no user or application should be inherently trusted. Thus we see brands like Centrify educating buyers with “Never trust, always verify” to reinforce their technology’s role in a Zero Trust architecture.
With increasing demand for ZT, it’s no wonder marketers want to leverage the opportunity. Many security brands make ZT solutions a central topic of their go-to-market communications. For example, we have worked with and seen leading brands like Centrify, CyberArk, Hashicorp, and Microsoft, among others building dedicated thought leadership and resources specifically on the topic of enabling Zero Trust. These brands are taking an active role in defining Zero Trust as a technical offering that may or may not truly help a company power Zero Trust strategically.
While brands in cybersecurity build their marketing strategies and define their role in this national security imperative, some skeptics question this “Zero Trust Discipline.” They claim that “Zero Trust is becoming one of the most overused phrases in cybersecurity.” We suspect that much of this “hype” is contributing to customers’ failure to implement an effective ZT strategy.
A recent report published by Fortinet, “The state of Zero Trust,” found that a “vast majority” of companies say they already have a zero-trust strategy in place or are in development. Yet, more than half said they aren’t able to authenticate users and devices on an ongoing basis. This leaves us wondering, “Why are their implementations failing, and who’s to blame?” When this data was shared on a Linkedin post, some directly blamed marketing for this.
I had a chance to talk with Dr. Chase Cunningham, a leading voice in the development of Zero Trust since its inception. Also known in the industry as “Dr. Zero Trust,” he has strong views on marketing and how brands are leveraging ZT. The misuse of the term Zero Trust has become a real problem. Brands can claim they’re part of a Zero Trust solution, but how can buyers really validate that?” Chase cautions buyers about marketing messaging that might make bold claims that make their technology seem like an essential part of a ZT solution but can’t deliver.
“There is a difference between a best-of-breed horse and a workhorse. A best-of-breed like an Arabian is really pretty and runs very fast, everybody thinks it’s cool and sexy, and that’s the horse they want. A Clydesdale can pull a fire truck and do the real work. It may not always be the coolest, newest, sexiest thing, but it is probably better to get a good “workhorse” that can do things at scale. And do it easily.” - Dr. Chase Cunningham.
This brings us back to our main question, what is the right way to leverage Zero Trust in marketing? When speaking with Chase, he applauded the efforts made by Microsoft and Appgate, who have done a great job communicating on ZT and also providing rich content to educate buyers. Microsoft has a whole team dedicated to ZT and a Zero Trust center that gives open access to resources for strategy and implementation of a ZT security architecture as well as a community forum.
“It’s very much them opening the hood and letting you look at the engine. This is what we built and how we did it. By the way, we would love for you to use our services, but you don't have to. Their corporate integrity is there.” said Dr. Cunningham.
The way I look at it, we were pushed to make what we thought would be a five-year digital and cloud computing transformation fit into 18 months. Like in many other aspects of business nowadays, in cybersecurity, we face accelerated transformations, which deepened the cracks in our cybersecurity foundation.
Cybersecurity is no joke. In 2017, the infamous WannaCry ransomware attack on the UK’s National Health Service (NHS), encrypting vital patient data and demanding Bitcoin payments for its release, left a clear message: Cybercrime can bring entire organizations or even a nation to its knees. The catch here is that in this new era of interconnectedness, we are only as strong as our weakest link.
We are in this together! Properly securing ourselves is essential, but we also need all those who have access to our networks to be secured. Zero Trust is a cybersecurity discipline designed with cloud computing in mind. Which explains the government’s sense of urgency to have ALL federal organizations work in unison and adhere to the ZT discipline together. In the cybersecurity world, we know that organizations doing an excellent job at implementing a ZT strategy can put their own firm's security at risk by allowing access to a third party who does not adhere to a ZT security discipline. We could say that this is a community discipline.
Keeping this sense of community in mind, here are our three tips for marketers looking to build a trusted brand in the Zero Trust marketplace.
Be an upstanding part of the ZT community.
Bring your brand into the ZT conversation. What role is your brand playing in developing technologies that enable a genuine ZT Security Architecture? How are you helping to define and uphold the standards of technologies? Many of the brands bringing in thought leadership are also collaborating with the NIST “to explore and expand approaches to a Zero Trust architecture.” To learn more about ways to collaborate, go here.Play well with others.
Integrations are important. Organizations need a solution that will be easy to integrate into their tech stack. There is no one brand with the magic ZT pill, and organizations will have to stitch solutions together to achieve a proper Zero Trust security architecture. Customers want to know you have their back and will collaborate with other technologies in their tech stack. Marketers need to make it easy to identify other solutions that integrate well and provide helpful tools and content to help customers achieve an effective Zero trust strategy.Educate and continually share new learning insights.
Research and honesty 🙌 In this Post-Trust Era, I invite marketers in the security world to lead with a sense of unity by sharing insight, helping educate the public on why ZT matters, and how to implement these technologies effectively. Let’s work together with integrity and ethics for a more secure tomorrow.
If you’re interested in learning more about how to leverage Zero Trust effectively for your brand, get in touch. We’d love to learn more about your experience and ideas. Let’s chat.
Ask us for a quick assessment. It’s like free therapy.
If you’re refining your approach to marketing and need help deciding where to focus first, we’d love to chat. Within about 45 minutes, we can get to the heart of your biggest challenges and help you determine where you need to prioritize to up-level your game. Schedule some time to tell us about your “Ready for Anything” challenges.
About Us
InfiniteEdge is a consultancy of marketing and culture experts that helps companies build trust and navigate today’s rapidly evolving market environment while providing all the marketing services you'd expect from a top-tier integrated agency. Invite us in to help you transition your marketing operation from reactive to responsive and develop a roadmap to help you thrive through the coming unknown.
#zerotrust #cybersecurity #techmarketing