Zero-Trust Architecture and Its Cost-Effectiveness on Network Security

Abstract

Zero-Trust Architecture (ZTA) is a ‘Never Trust, Always Verify’ concept to improve cybersecurity by eliminating trust and validating network requests continuously. ZTA replaces Virtual Private Networks (VPNs) and provides solitary access to applications and data. The growth of ZTA has spiked over the years, but organizations are reluctant to invest in this security approach. Previous studies cover ways to implement ZTA, its significance, and challenges but provide limited information on available tools, prices, and the success rate of ZTA. This research shows the implementation of ZTA causes a reduction of $684K on average in risk impact over four years for small to medium-sized organizations. Organizations lack information on the quantitative evaluations of ZTA benefits and drawbacks. An in-depth analysis of ZTA to help security researchers better understand the costs and benefits of employing ZTA as a defense against cyber attacks is provided in this work.