In the world of cyber security, the overall strategy I subscribe to is “Defence in Depth.” In a nutshell, this means creating a multi-layered system where each layer addresses non-correlated risks. You must assume that each layer is non-absolute in its protection: eventually, a layer will be breached. By layering your security, you are effectively buying time.
The classic medieval example is the castle built on a hill, surrounded by a moat, revetments, and a keep. Because it is on a hill, you see the attackers coming. The moat and walls slow them down. Each obstacle provides the defenders with time to react, reposition, and respond.
Zero trust is a vital part of this defence in depth strategy, but it is not an absolute solution. It is comprised of three primary elements:
- The WHO problem: Authentication. Who are you?
- The WHAT problem: Authorisation. What are you allowed to do?
- The HOW problem: Access. How do I get you to that resource?
Zero trust means solving for who, what, and how on a per-person basis (never using shared accounts), using fine-grained permissions rather than all-or-nothing access, and doing so per-resource rather than for an entire network at once, like a traditional virtual private network. It also means placing zero trust in how you attach to the network. You must prove who you are for each specific resource: you cannot just connect to a virtual private network or plug in an ethernet cable and assume you are safe.
AI as a Risk Amplifier
Now, let’s consider the risks associated with artificial intelligence. While AI has its own unique risks, it is primarily an amplifier of existing ones. Risk is a simple equation: Threat multiplied by Vulnerability multiplied by Outcome. The primary thing artificial intelligence does is decrease the cost associated with exploiting a vulnerability.
When we look at the “Threat,” we ask: who is the attacker? Is it a nation-state actor, or a tired systems administrator who accidentally rebooted the wrong server? The “Vulnerability” might be a known software flaw or a misconfiguration. The “Outcome” is the bad thing that happens: does it affect a municipal fresh water supply, or does a printer simply run out of toner?
A recent infographic from the Cybersecurity and Infrastructure Security Agency (CISA) provides excellent context here. It maps the actual attacks from 2023 to the MITRE ATT&CK framework. The primary takeaway is “credentials.” Valid accounts, spearphishing to obtain valid accounts, and brute force guessing of accounts comprise approximately 80 per cent of successful attacks.
The old Italian philosopher Vilfredo Pareto once described an 80:20 rule, and it holds true in cyber security today.
Our Philosophy of Zero Trust
Because credentials are the primary target, a large part of our philosophy involves three core principles:
- Remove the need for shared accounts: Every human should sign in with their single, natural, native credentials. Whether you are an internal employee or an external contractor, you should use single sign-on with properly managed identity systems that implement heuristics around password guessing, strength, etc.
- Increase authentication strength: We advocate for multi-factor authentication, which requires any two or more of: something I have, something I know, or something I am. This goes back to the non-correlated risks mentioned earlier. The method someone uses to guess a password is entirely different from how they might steal a physical security key. These risks are divisive rather than additive.
- Remove lateral traversal: I call this reducing the “blast radius.” If a team member has their signed-in phone stolen at lunch, what can the thief do? In a zero trust environment, they can only do what that specific user is authorised to do, within the limits of the access token recently established.
Is zero trust a panacea? Certainly not. Belts and suspenders exist for a reason. Submarines have internal watertight doors for a reason. It is part of a balanced breakfast of security measures.
The Marketing of AI Danger
I should note that much of the current “mythos” surrounding the danger of artificial intelligence is a brilliant marketing campaign. Claims that a model is “too dangerous to release” create massive demand. While models from OpenAI, Google, and others are amazing, the marketing PR teams are genius at framing risk as a feature.
If I were to attack an organisation like yours using AI, I would focus on human engineering. Business email compromise via AI-generated emails can be incredibly convincing. For example, an attacker might scrape information from open-source intelligence to send a message like: “Hey, it is Joe from the XYZ team. Remember that company picnic last week? I forgot my laptop in the office and need the RFP responses: could you please send them to my personal account?”
The human “lizard brain” starts trusting very fast when presented with information it assumes would only be known by a real party (often called the “facebook scam”). AI also reduces the cost of brute force attacks, such as guessing wifi passwords or scanning for vulnerabilities. In short, AI changes the bar for attacking you. A small municipality might not be a bank full of intellectual property, but with AI, a lazy attacker can cast a much wider net.
The Asymmetric Cost of Defence
Does AI render existing security principles invalid? No. Does it increase the already asymmetric cost of defending versus attacking? Absolutely. The blue team (defenders) needs to be right 24 hours a day, 365 days a year. The red team (attackers) only needs to be right once.
This is why defence in depth is so critical. Give yourself visibility, slow the attackers down, and give yourself time. Keep the section doors closed in the submarine.
As nation-state cyber saber-rattling has ratcheted up, the target has changed. A wastewater plant in a mid-size municipality might not be a dollar-rich target for criminals, but it is an embarrassing target to hit for geo-political reasons. We have seen this in Aliquippa, Pennsylvania, and Muleshoe, Texas. In the risk equation, the “Threat” has gone up even if the “Vulnerabilities” remain the same.
I am also concerned that we are crossing the singularity of zero-day disclosure. In 2020, the time from discovery to disclosure was 745 days. In 2025, it was 44 days. In a perfect world, a vendor has only 44 days to solve, test, package, and deliver a patch. This is approaching the 10-day range. This means that mitigating measures, such as an identity-aware web application firewall, are becoming even more important than the “patch early, patch often” mantra.
With our system, combining an identity-aware web application firewall with best-in-class identity providers, I am confident it remains a relevant and necessary part of your defence in depth.
Related Content: