Welcome to the Era of the Zero-Trust Consumer

Zero-trust architecture, in which everything is treated as a potential threat, is becoming the norm in industry. Our expert suggests it’s time to make the consumer a part of that framework.

Written by Ralph Rodriguez
Published on Mar. 08, 2023
A combination lock on a briefcase set to triple zeros
Image: Shutterstock / Built In
Brand Studio Logo

Consumers are increasingly putting their trust in online service providers. Their digital lives have evolved and become exponentially more nuanced in recent years than ever before, whether they are accessing accounts, making purchases, or conducting business. Is the rate of online expansion, however, being matched by an increase in cyber risk?

To stay ahead of security threats, the technology industry is constantly developing new solutions. The sophistication and frequency of these threats, as well as the bad actors behind them, are rapidly increasing. It's no secret in the industry or elsewhere that keeping up with today's cybercriminals is nearly impossible, and businesses and governments must remain vigilant at all times.

But are consumers watchful? For the most part, they do their best to manage the security and privacy of their data online, but even their most concerted efforts can only go so far. Their ability to protect their identities is largely dependent on the security technologies used by the companies with which they have accounts.

Consumer expectations for the underlying conditions surrounding identity security online is a topic we recently examined. The data revealed the emergence of a unique mindset — one that leaves both businesses and their customers at an inflection point.

What Is a Zero-Trust Consumer?

The zero-trust consumer mindset demonstrates that consumers are becoming more aware of the growing state of digital threats and are willing to take the necessary countermeasures to protect their information and accounts. They are willing to take extra security measures to prove their identity on a regular basis.

More in CybersecurityMutual TLS: A Tutorial

 

Zero Trust: An Architecture and Mindset

Zero trust architecture is an industry approach to cyber threats that is gaining traction among businesses. This approach emphasizes the need to be prepared for any and all threats, that no perimeter is secure, and that no one can be trusted.

The customer is an important entry and exit point in any business. Companies must implement identity proofing and authentication methods that allow them to trust their customers from the start and during each subsequent authentication. This means that customer identity access management (CIAM) is a critical component of zero-trust architecture.

According to a report by Capterra, 84 percent of companies are either implementing zero trust or plan to do so in the future. In fact, the Biden administration is mandating U.S. government agencies implement a federal zero-trust architecture strategy, requiring agencies to meet specific cybersecurity standards and objectives, by the end of 2024.

While businesses and governments are taking strict measures to protect themselves from cyber threats, they need their customers and constituents to be more aware and change their behavior as well.

Consider the digital password, a security measure that dates back to 1961. Despite mounting industry pressure to move beyond vulnerable passwords, they continue to be the standard security measure, regardless of the fact that they are amongst the least trusted ones.

Nonetheless, consumers are aware that passwords are a problem. According to the study, 87 percent of consumers are concerned about how quickly security threats are evolving. Separately, 92 percent believe that fraud will continue to outpace the ability of security technology and businesses to combat cybercrime.

This realistic approach to security is spawning a new breed of digital consumers: the zero-trust consumer. This evolving consumer mindset demonstrates that consumers are becoming more aware of the growing state of digital threats and are willing to take the necessary countermeasures to protect their information and accounts. Consumers are willing to take extra security measures to prove their identity on a regular basis.

A Smarter, Safer WorldCSPM: An Introduction to Cloud Security Posture Management

 

The Future of Zero Trust

Finally, the password should not be the barrier between a company and its customers.

Despite companies' dedication to technological advancement to consistently improve their products and services, this focus needs to be recalibrated to better address all stages of the customer journey, including initial login and account access. Companies must consider the impact of every touchpoint as the digital experience becomes a central component of the customer experience.

The good news is that ready-to-implement consumer measures already exist. Two-factor and multifactor authentication are rising in popularity. With Apple, Microsoft, and Google implementing passkeys into their operating systems, the push for new industry standards has already begun. Due to widespread consumer adoption, consumers' familiarity and comfort with these innovations are growing (like unlocking smartphones with a fingerprint or boarding airplanes more quickly with retinal scanning kiosks).

The moment has come to accelerate the shift away from standard passwords and toward comprehensive identity verification and authentication. By recognizing and embracing the zero-trust consumer, businesses may establish trust with any customer through the use of sophisticated security measures.

Explore Job Matches.