Zero trust Network Architecture, layers! ZTNA is all about layers, like onions are about layers. The best description in video form that I have ever seen…… Monty Python below in the video link demonstrates.
ZTNA means putting “Things on top of other things”, with the ultimate goal of having a security “Stack” or a castle in medieval parlance. Unfortunately without adaquate planning and architecture just like castles, ZTNA “Stacks” fall over and sink into the ground.
What happens when the budget needs to increase two fold next year to layer the next part of your ZTNA ‘journey’ (emphasis on ‘journey’ as it is not a journey but a slog) considering cyber security tools are now subscription based, most boards will not be easily convinced.
It is absolutely critical to have the correct controls in place by doing adaquate research first and knowing what will provide the biggest “bang for buck”, you probably already have most of the tools you need to be secure.
If your business is looking to embrace ZTNA, understand that the intent of embracing any cyber security methodology is to enhance security, while minimising adverse effects on your user community. This is critical because negative user effect without adequate planning will put the business sponsors in the firing line of the users suffering from reduced productivity. The business sponsors will rapidly remove their support for cyber security initiatives when there is a revolt from the staff, reducing or worse removing the initial cyber security control put in place.