For years, organizations have become accustomed to the “trust what’s inside, block what’s outside” model. But in a world where people work from home, attackers jump between systems in the cloud, and hackers use an inside-out approach, that model simply doesn’t hold up.
This is exactly what happened to one of my clients: an internal system was compromised through an old VPN access, and a ransomware attack began attempting to encrypt files. Only thanks to early implementation of Zero Trust principles was the attacker unable to move across the network, and the attack was stopped within minutes.
What exactly is Zero Trust?
Zero Trust is not a product but a security approach. Its core meaning is simple: no one is trusted, at any stage, without being verified again. Every action is checked, every identity is examined, and every system is evaluated according to context.
Instead of "once logged in – always trusted", the method works according to "never trust, always verify".
What does it look like in practice?
- Every user is required to have multi-step verification – at every login, no matter where.
- Permissions are minimal – an employee can only access what they need, nothing else.
- Every movement within the system is recorded and checked – even if the user is already authenticated.
- Every connected system is monitored – including cloud applications, edge equipment, and internal servers.
The customer – and what saved him
The attack began with an unpatched VPN connection with stolen credentials. But when the attacker tried to access additional systems, he encountered additional authentication, micro-segmentation, and a lack of permissions to access sensitive data.
The system recognized the pattern, froze the permission, and sent a real-time alert. This saved the organization from paying a ransom, downtime, and reputational damage.
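The controls listed under "What does it look like in practice?" and the sequence in this incident can be sketched as a per-request policy check. This is an added example, not code from the client's environment or from any product; the roles, segments, thresholds, user name and event list are all constructed assumptions.

```python
from dataclasses import dataclass, field

# Constructed policy data (assumptions, not from the article).
ROLE_RESOURCES = {"accounting": {"erp"}, "it-admin": {"erp", "file-server", "backup"}}
SEGMENT_REACH = {"vpn": {"erp"}, "office-lan": {"erp", "file-server"}, "mgmt": {"backup", "file-server"}}
SENSITIVE = {"file-server", "backup"}
MFA_MAX_AGE = 900      # seconds an MFA proof stays valid for sensitive resources
DENY_THRESHOLD = 3     # denials within WINDOW that freeze the session
WINDOW = 300           # seconds

@dataclass
class Session:
    user: str
    role: str
    segment: str
    mfa_time: float            # when MFA was last completed
    frozen: bool = False
    denials: list = field(default_factory=list)

def decide(s: Session, resource: str, now: float, alerts: list) -> str:
    """Evaluate one request; a prior login grants nothing by itself."""
    if s.frozen:
        return "deny:frozen"
    if resource not in ROLE_RESOURCES.get(s.role, set()):
        reason = "deny:role"                 # least privilege
    elif resource not in SEGMENT_REACH.get(s.segment, set()):
        reason = "deny:segment"              # micro-segmentation
    elif resource in SENSITIVE and now - s.mfa_time > MFA_MAX_AGE:
        return "step-up:mfa"                 # re-verify; not counted as a denial
    else:
        return "allow"
    # Record the denial and look for repeated probing within the window.
    s.denials = [t for t in s.denials if now - t <= WINDOW] + [now]
    if len(s.denials) >= DENY_THRESHOLD:
        s.frozen = True
        alerts.append(f"ALERT user={s.user} segment={s.segment} frozen after {len(s.denials)} denials")
    return reason

# Constructed (time, resource) events for one session that came in over the VPN.
SAMPLE_EVENTS = [(10, "erp"), (20, "file-server"), (30, "backup"), (40, "file-server"), (50, "erp")]

def replay(events=SAMPLE_EVENTS):
    """Replay events for a constructed accounting user on the VPN segment."""
    s = Session("dana", "accounting", "vpn", mfa_time=0.0)
    alerts = []
    results = [decide(s, res, t, alerts) for t, res in events]
    return results, alerts
```

Once the session is frozen, even the request that was allowed at the start is refused, which is the containment effect described in the incident.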
Why is this especially important for businesses in Israel?
In Israel, many small and medium-sized organizations still operate according to old principles – centralized login, open VPN, users with broad privileges. Each of these is an opening for an attacker.
Zero Trust is exactly right for such businesses: it is flexible, can be implemented gradually, and most of the necessary tools already exist in systems like Microsoft 365, Google Workspace, or cloud security solutions.
How do you start?
- Map all users, systems and data.
- Enable MFA on every interface.
- Reduce privileges by role.
- Divide the network into isolated areas.
- Continuously monitor for abnormal activity.
In conclusion
Zero Trust is not a trend – it is a realistic shield. Every organization – large or small – must change its mindset: it is not enough to block the front door, you need to lock down every room individually. It is the difference between an attack that ends in the headlines, and a glitch that is blocked before it starts.
Cybersecurity and IT – two worlds, one solution.
About the Author
Idan Zabari, a leading strategic consultant in the fields of IT and information security, assists businesses and organizations in information protection, technological innovation, and regulatory compliance.