“Many organizations still hesitate to pursue it because they associate zero trust with rigid architectures, operational complexity, and high implementation costs,” Wickert says. “That perception is rooted in the legacy days of reassigning IPs, redesigning routing, re-plumbing VLANs, or physically rewiring environments just to enforce segmentation policies.”
The industry-wide shift to software-defined and cloud-driven data centers has lifted legacy challenges while creating new issues in the shape of growing policy and application complexity.
“One of the biggest obstacles to zero trust at scale is no longer the infrastructure — it’s the challenge of defining, governing, and maintaining policies that adapt across hybrid networks, spanning on-prem firewalls, cloud-native controls, SDN, SD-WAN, and SASE technologies,” Wickert says. “The most effective way to overcome these challenges is to shift the focus of segmentation from ‘devices and subnets’ to applications and their connectivity.”
