The Zero Trust Architecture Trend Seminar, hosted by the Center for Cybersecurity Research and Teaching at Taiwan Tech, concluded successfully on April 25. The event featured a keynote speech by John Kindervag, the originator of the Zero Trust security model. Attracting over 170 cybersecurity professionals from various sectors, the seminar facilitated discussions on emerging trends and best practices in cybersecurity, demonstrating that all parties attach great importance to the development of Zero Trust architecture in Taiwan.

The Zero Trust Architecture Trend Seminar, hosted by the Center for Cybersecurity Research and Teaching at Taiwan Tech, concluded successfully on the 25th.

Due to the complexity of online information sources and the frequent occurrence of cybersecurity threats, John Kindervag proposed the Zero Trust Architecture (ZTA) in 2010. This architecture is based on the principle of “never trust, always verify” for all data access on the network, aiming to ensure data security at all times and locations.

John Kindervag, known as the “Father of Zero Trust”, shared his extensive practical experience in the field of zero trust and provided a more in-depth analysis of the core concepts and practical applications of the Zero Trust Architecture. Kindervag emphasized that zero trust is a strategy to prevent data leakage and prevent other network attacks from succeeding by eliminating trust in digital systems. He highlighted segmentation as a key component of Zero Trust, stating, “New methods of network segmentation must be established, as all future networks need to be segmented by default.”

John Kindervag, the Father of Zero Trust, delivers a keynote at Taiwan Tech's Zero Trust Architecture Seminar.

In addition to John Kindervag's keynote speech, the seminar featured discussions on the current state of Zero Trust development in Taiwan by several prominent figures. These included Ying-Dar Lin, Deputy Director of the National Center for Cyber Security Technology (NCCST), Yu-Tai Lin, Director of the Financial Supervisory Commission (FSC), and Professor Shi-Chao Cha from Taiwan Tech's Department of Information Management.

Professor Cha highlighted the challenges in implementing Zero Trust, such as the diverse range of access control targets, the lack of data to validate trust inferences, and the integration of outdated systems. He emphasized the need for systematic evaluation metrics to identify the most cost-effective solutions based on applicable models and costs.

Deputy Director Ying-Dar Lin mentioned that NCCST provides testing services for Zero Trust Architecture, including identity authentication, device authentication, and trust inference. He noted that some Taiwanese vendors have already passed these verifications. NCCST has also developed an adaptation plan for Zero Trust Architecture and offers relevant resources to enhance Taiwan's network security environment.

Ying-Dar Lin, Deputy Director of the National Center for Cyber Security Technology (right), John Kindervag (center), and Professor Shi-Chao Cha from Taiwan Tech's Department of Information Management (left) discuss the current state of Zero Trust development in Taiwan.

Professor Shi-Chao Cha from Taiwan Tech's Department of Information Management.

In terms of finance, Yu-Tai Lin, Director of the Financial Supervisory Commission (FSC), stated that the government encourages the deployment of Zero Trust networks to enhance connection verification and authorization control. This initiative aims to improve the depth and breadth of defense for government internet services. He also provided recommendations for strengthening access path-based principles, such as implementing multi-factor authentication, appropriate network segmentation, minimum authorization principle, and high-privilege access to increase verification strength and frequency.

Director Yu-Tai Lin from the Financial Supervisory Commission.

The event attracted over 170 participants from various sectors in the cybersecurity field, who actively engaged in questioning and discussion. In the future, Taiwan Tech will continue to actively promote deep collaboration between the academic and industry sectors in the field of information security. This initiative aims to foster mutual prosperity among international, practical, and academic parties, driving innovation and progress in Taiwan's information security landscape.

Participants also posed questions regarding the practical aspects of the Zero Trust Architecture.