Wednesday, October 22, 2025
Latest:

Threatshub.org sponsored-Post

The Register

Zero Trust Everywhere: a new era in cybersecurity for European organizations

TH Author

Partner Content Many organizations across Europe have taken steps to implement Zero Trust principles, securing users, devices, workloads, and applications. But while these efforts are critical, they can leave significant gaps in resilience and security if applied too narrowly.

Too often in fact, businesses focus on protecting the most immediate vulnerabilities while overlooking other important areas of the network, such as remote locations, operational technology (OT), Internet of Things (IoT) devices, and supply chain connections. As operations become more sprawling, decentralized and device-heavy, threat actors are only too happy to exploit the security gaps within the expanding attack surface.

At the same time, cyber threats are evolving faster than ever: with AI-powered cybercriminals leveraging legacy systems to access sensitive systems, move laterally across networks, and cause disruption, extortion, and data theft.

To close these gaps and address modern threats comprehensively, businesses must adopt Zero Trust Everywhere – a model that eliminates implicit trust and expands zero-trust principles across every layer of IT infrastructure.

Why traditional zero trust is only part of the solution

Zero trust is the gold standard of modern cyber security. The principle that no user, device, workload, or application can be trusted by default is recommended by leading authorities like the National Institute of Standards and Technology (NIST), a globally respected U.S. agency that establishes best practices for securing digital systems.

While many organizations have taken steps toward zero-trust architecture, however, these efforts often stop short of addressing the risks outlined in the neglected network areas above. This is because many IT teams adopt a phased approach to deploying zero trust, but stall after initial successes of securing users’ web traffic and access to applications.

These first steps undoubtedly reduce an organization’s attack surface, but a limited deployment of zero trust is like building a secure perimeter around half your house while the other half has no locks or alarms. Some attackers will be put off at the sight of secure doors and windows at the front, but other more determined attackers will look past the strongest defenses to find weak points elsewhere.

The state-backed hackers and high-end cybercriminals that have methodically and persistently targeted industries central to the UK, such as financial services, healthcare, advanced manufacturing, and retail, are likely to try other attacks avenues until one is successful.

The path to zero trust everywhere

Securing the other half of the house is where Zero Trust Everywhere comes in; taking organizations’ approach beyond users, devices, workloads, and applications to address all areas of cyber risk:

  • Segmenting branches, factories, and warehouses: Remote sites, manufacturing facilities, and logistics hubs must be treated as isolated entities rather than relying on implicit trust within network perimeters.
  • Isolating IoT and OT Devices: Every IoT or OT device must be segmented and have security policies enforced.
  • Removing third-party network access: All supplier communications should be routed through a secure system to negate trust assumptions and protect supply chain ecosystems.

By implementing these measures, organizations can strengthen their cybersecurity posture and dramatically reduce their attack surface, leaving fewer avenues for threats to infiltrate and propagate. Additionally, these measures offer significant operational benefits such as cleaner architectures, simpler management, and by extension, lower maintenance costs.

Meeting regulatory expectations

A Zero Trust Everywhere approach not only fixes security gaps (and unlocks operational efficiencies), but also helps organizations comply with regulations like the Data Protection Act 2018, UK NIS Regulations, and National Cyber Security Centre (NCSC) guidance. These frameworks are vital for keeping data secure and businesses resilient.

Beyond avoiding penalties, compliance strengthens trust with customers and partners. It signals a commitment to protecting privacy and securing sensitive data, both of which are qualities highly prized in international markets. This helps organizations ensure ongoing access to cross-border partnerships and market opportunities. That’s critical for sectors like automotive manufacturing and logistics. With Zero Trust Everywhere in place, compliance moves from being a reactive obligation to becoming a proactive enabler of growth and competitiveness in global markets.

Staying ahead of hackers starts today

Zero Trust Everywhere is a blueprint for managing expanding technology risks, the demands of globalization, hybrid workforces, and geopolitical challenges. It’s a valuable tool for safeguarding the UK’s competitiveness as a global financial and innovation leader.

The time for UK CIOs and CISOs to act is now: Zero Trust Everywhere paves the way for growth, innovation, and transformation without compromise.

Contributed by ZSCALER.

READ MORE HERE