Zero Trust: a better mousetrap for the 21st Century?
"Build a better mousetrap, and the world will beat a path to your door" is the familiar, century-old go-to cliché used to exhort innovation and exalt entrepreneurship.
Attributed to Ralph Waldo Emerson, the truth of the matter is that he never said any such thing. He did write, in 1855, “If a man has good corn, or wood, or boards, or pigs, to sell, or can make better chairs or knives, crucibles or church organs, than anybody else, you will find a broad hard-beaten road to his house, though it be in the woods.”
It wasn’t until 1889 (seven years after his passing) that the original prose were condensed and the iconic “mousetrap” introduced to yield “If a man can write a better book, preach a better sermon, or make a better mousetrap then …”
Why add a mousetrap 30 years after the fact?
Beginning in the 1870’s, a Second Industrial Revolution was in full swing characterized by extensive manufacturing standardization and automation enabling the widespread adoption of technological systems including railroad networks, gas and water supply, and sewage systems that led, in turn, to a massive retooling of cities that brought with it a wave of new hazards including mice and rats.
The society and economy of the late nineteenth century were in desperate need of a safe, reliable, economical, and easy to use mousetrap.
Sadly, this underlying logical rationale is often lost on many as evidenced by the fact that to this day, the mousetrap is the most re-invented device of all time with over 4,400 U.S. patents. Mousetraps have not been a priority for our greatest minds and investors for over a century which explains why amateur inventors make up 95% of mousetrap patents with no meaningful improvements since the 1899 snap trap (patented in 1903 – No. 744,379). The lesson here is simple, take this aphorism too literally and you will miss its meaning entirely.
Build better identification, authorization, and communication services and the world will beat a path to your portal (the 21st century mousetrap)
As we barrel through the Fourth Industrial Revolution characterized by the automation of manufacturing and industrial practices using modern smart technology. Large-scale machine-to-machine communication (M2M) and the internet of things (IoT) are producing an entirely new scale of automation, communication, and self-monitoring that are in turn fueling the next wave of economic and societal disruption, reorganization, and (surprise!) its own brand of pestilence.
Rather than the rodent-born contagion of the 19th century, it is the unrelenting attacks on identification, authorization, and communication services that threaten systemic failure and collapse.
Zero Trust is a security concept centered on the belief that organizations should not automatically trust anything inside or outside its perimeters and instead must verify anything and everything trying to connect to its systems before granting access. “The strategy around Zero Trust boils down to don't trust anyone. “
It would not be accurate to say that Zero Trust is a better mousetrap, but it does offer a conceptual framework to prioritize the central role of these core services.
While the sixth and the tenth industrial revolutions will no doubt introduce their own unique flavors of vulnerabilities and exploits, I think we can now safely paraphrase Mr. Emerson to say “Build and secure ID, authorization and communication services safely, reliability, economically, and simply, and the world will beat a path to your door.”