The ZEro Trust DECision Making (ZEDEC) Method: Selecting Relevant Zero Trust Concepts to Mitigate High-Priority Risks
Summary
Zero trust is a security principle that makes organisations more resilient to cyber threats than traditional perimeter-based security solutions, by ensuring that users and devices are not trusted by default. In order to minimize security risks, 72% of companies were planning to implement zero trust capabilities in their security solutions in 2020. However, zero trust architectures have not yet succeeded in replacing traditional security solutions, because organisations have trouble overseeing how they should handle the migration process: the design of a zero trust architecture differs per organisation, depending on its needs. Therefore, this research proposes the ZEro trust DECision making (ZEDEC) method, which helps these organisations decide which zero trust concepts they should integrate into their zero trust architecture. We follow the design science method to construct ZEDEC. In the first part of the research, we conduct a structured literature review and expert interviews to identify relevant method fragments. We identify multiple zero trust concepts that organisations should consider integrating into their zero trust architecture and discover how organisations are currently migrating towards a zero trust architecture. We also discover that, in the migration process towards a zero trust architecture, organisations mainly use zero trust mitigations that address cyber security risks as the factors for deciding which zero trust concepts they want to include in their zero trust architecture. Therefore, we introduce a decision matrix that maps the zero trust mitigations to their related zero trust concepts. Ultimately, we propose the ZEDEC method with four main activities: (1) create a vision on needed changes, (2) identify context, (3) perform risk assessment and (4) identify zero trust concepts. Through an evaluation of a theoretical scenario with a security expert, we confirm that the method is correct and useful.