Abstract

The rapid advancement of digital ecosystems through the growing use of cloud, remote work, and intricate supply chains has posed a significant challenge to traditional, perimeter-based cybersecurity architectures. To address this challenge, the Zero Trust (ZT) model has emerged as a fundamental cybersecurity model based on the principles of "never trust, always verify," least privilege access, and continuous monitoring. This article provides a comprehensive examination of the status of Zero Trust implementation across industries, including the key strengths and entrenched weaknesses related to identity management, micro segmentation, telemetry, and automation. The results show that while inherent Zero Trust concepts have been widely embraced, their level of maturity remains variable due to disparate policy enforcement, legacy integration issues, and operational complexity. The convergence of DevSecOps initiatives, cloud-native applications, and benefits of artificial intelligence (AI) necessitates that Zero Trust be considered beyond the realm of static policies into adaptive, intelligence-driven architectures. Future work on developing Zero Trust principles focuses on continuous adaptive trust assessment, decentralized identity architectures, quantum-resilient methods for encryption, and privacy-preserving telemetry pipelines. The research concludes that the next generation of Zero Trust Security models must be cognitive, self-operational, and interoperable, to enable the integration of ethical design and human factors that can preserve usability in competitive marketplaces. This should be achieved in a way that provides a scalable and resilient connective infrastructure for securing digital enterprises in an increasingly dynamic threat landscape.

Keywords: Zero Trust; Identity Governance; Telemetry; Policy Orchestration; Micro-Segmentation; Phishing-Resistant Authentication; SBOM (Software Bill of Materials); Automation; Service Mesh; Credential Management; CARTA (Continuous Adaptable Risk and Trust Assessment); AI/ML (Artificial Intelligence / Machine Learning); Attestation Frameworks; Supply Chain Security; Trust Score Computation

References

1. National Institute of Standards and Technology. Zero Trust Architecture (NIST SP 800-207) (2020). https://nvlpubs.nist.gov/nistpubs/specialpublications/NIST.SP.800-207.pdf
2. Gartner. Gartner Predicts 2025: Cybersecurity — Scaling Zero Trust and Resilience to Meet Growing Threats (2024). https://www.gartner.com/en/documents/5534669
3. Gartner. Top 8 Cybersecurity Predictions for 2023-2025 (2023). https://www.gartner.com/en/articles/gartnertop-security-trends-and-predictions
4. Gartner. Zero Trust Strategy Toolkit for Public Sector (2024). https://www.gartner.com/en/documents/5534669
5. Gartner. Survey Analysis: Zero Trust Adoption Trends (2023). https://www.gartner.com/en/documents/5524669
6. Gambo ML and Almulhem A. “Zero Trust Architecture: A Systematic Literature Review”. arXiv (2025).
7. Osman MA., et al. “Zero Trust Cybersecurity: Critical Success Factors and a Maturity Assessment Framework”. Computers & Security (2023).
8. Security Brief. Zero Trust Delivers Security Gains, but AI Adoption Lags Behind (2025). https://securitybrief.co.uk/story/zero-trust-delivers-security-gains-but-ai-adoption-lags-behind
9. Yahoo Finance. Security Leaders Embrace Zero Trust to Combat Rising Threats (2025). https://finance.yahoo.com/news/security-leaders-embrace-zero-trust-040100651.html
10. Stafford V. “Zero Trust Architecture”. Forbes (2020). https://www.forbes.com/sites/forbestechcouncil/2020/10/15/zero-trust-architecture/
11. Syed Z., et al. “Zero Trust 2.0: Advances, Challenges, and Future Directions in ZTA”. ResearchGate (2025).
12. FIDO Alliance. Passkeys: Phishing-Resistant Authentication (2025). https://fidoalliance.org/passkeys/
13. OpenSSF. Secure Software Supply Chain for Zero Trust (2025). https://openssf.org/
14. SSH Communications. Continuous Adaptive Risk and Trust Assessment (CARTA) (2025). https://www.ssh.com/academy/iam/carta
15. Microsoft Learn. Identity, the first pillar of a Zero Trust security architecture (2025). https://learn.microsoft.com/en-us/security/zero-trust/deploy/identity
16. Security Brief. Zero Trust Delivers Security Gains, but AI Adoption Lags Behind (2025). https://securitybrief.co.uk/story/zero-trust-delivers-security-gains-but-ai-adoption-lags-behind

Citation

Shreekant Rangrej. “Current State of Zero Trust Assessments, Future Directions for Improvement". Clareus Scientific Science and Engineering 2.9 (2025): 07-16.

Copyright

© 2025 Shreekant Rangrej. Licensee Clareus Scientific Publications. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license.