Diary of a Network Security Consultant: “Zero Trust isn’t just a buzzword anymore; it’s your first line of defence!”

By Insight UK / 3 Jul 2026 / Topics: Cybersecurity

Zero Trust is not just a buzzword anymore; it is your first line of defence!

Working as a network security consultant in Insight's dedicated Cisco practice, my days consist of whiteboard sessions, demos, RFPs, and straight-talking with clients trying to keep up with an industry that never sits still. The pace has only accelerated over the past two years.

This is not a detached analyst's "state of the industry." It is a view from the field: what I am seeing in customer environments, how vendor roadmaps are shifting, and what actually matters when you are the one keeping packets flowing and attackers out.

At Insight, we are a Solutions Integrator, which means we do not just advise on architecture; we design, build, and operationalise it alongside our clients. We talk about going from hype to how, and that is exactly what this piece is about: cutting through the noise to show what is actually working in network security today, and how we are helping clients get there.

Skills, Process, and Culture: The real bottleneck

But here is the thing about moving from hype to how: the biggest blocker is rarely the technology itself.

Before I go deeper into technology trends, I want to address the single biggest pattern I see across every engagement. The gap is not tools; it is people and process. I have placed this section early deliberately, because every technology discussion that follows is ultimately gated by an organisation's ability to operationalise what they buy.

Patterns across clients

  • Advanced features (micro-segmentation, advanced analytics, custom detections) are:
            - Licenced and available.
            - Rarely fully implemented.
  • Reasons:
            - Not enough staff with deep network/security expertise.
            - Competing priorities (cloud migration, new business initiatives).
            - Fear of outages from aggressive policy changes.

How projects succeed

The most successful clients:

  • Start with outcomes, not features:
            - “We want to reduce lateral movement risk by X.”
            - “We want to move away from full-tunnel VPN within 12 months.”
  • Invest in:
            - Runbooks and operational playbooks.
            - Training and joint workshops between networking, security, and cloud teams.
  • Treat network security as a continuous program, not a one-time purchase.

My job is not just to explain how a feature works; it is to help teams operationalise it. This is where Insight's role as a Solutions Integrator becomes most visible. We stay engaged beyond the design phase to ensure adoption actually happens.

The perimeter is truly gone. SASE and SSE are now real, not just hype.

We have been saying “the perimeter is dead” for a decade. The difference now is that architectures have caught up.

What is happening

  • Secure Access Service Edge (SASE) has moved from buzzword to buying motion. Customers are actively retiring or de-emphasizing:
            - Legacy VPN concentrators
            - Branch firewalls at every site
            - Standalone web gateways and Cloud Access Security Broker (CASB) solutions
  • Security Service Edge (SSE) is gaining traction where customers want to keep their existing SD‑WAN but modernize cloud security. SSE bundles:
            - Cloud SWG
            - CASB
            - ZTNA
            - Sometimes inline Data Loss Prevention (DLP)

What I am seeing in the field

  • Security teams want fewer point products and a single policy plane for users, apps, and data whether they are on‑prem, in IaaS, or SaaS.
  • Networking teams care about latency and reliability. They will tolerate a cloud security hop only if:
            - There is a strong private backbone.
            - Traffic steering is smart.
            - Troubleshooting visibility is decent.

Practical implication

When I walk into a SASE conversation now, I am not selling a “vision.” I am mapping:

  • Existing VPN + proxy + firewall topology
  • On‑prem vs SaaS application mix
  • Identity stack (Azure AD, Okta, etc.)
  • Where they can consolidate licenses and reduce complexity

The conversation has become less about “can SASE work?” and more about “how do we migrate without breaking anything?”

Zero Trust is moving from slideware to enforcement.

Zero Trust used to be a philosophy; now it is showing up as concrete controls that customers actually turn on.

What is changing

  • Identity is the new perimeter; it is no longer just a slogan:
            - Conditional access policies are becoming default, not optional.
            - Device compliance checks (via MDM/EDR) gate access to core apps.
            - Legacy “full-tunnel VPN” to everything is being replaced by application‑level access.
  • Micro-segmentation is finally getting practical:
            - Some do it via software-defined networking (SD-Access, ACI, NSX).
            - Others via host-based agents, or ZTNA-based segmentation.

What customers ask me

  • “How far do we go with micro-segmentation without drowning in policy?”
  • “Can we move away from ‘all employees on the corporate network’ as the trust model?”
  • “How do we phase this? We cannot flip a ‘Zero Trust’ switch overnight.”

Where the friction lies

  • Many organizations still have flat internal networks and legacy apps that cannot easily be wrapped in modern identity or ZTNA.
  • Internal politics play a role: Zero Trust often forces clarity of ownership, meaning who owns which app, which segment, and which policy.

The key is helping customers pick a narrow, high‑value starting point: a critical app, a remote access use case, or a segment housing sensitive data, and show quick wins without massive disruption.

Encrypted traffic, Privacy, and Regulation are colliding.

We are now in a world where 90%+ of traffic is encrypted, and at the same time, regulatory and privacy pressures are rising.

The core tension

  • Security teams want to decrypt and inspect as much as possible to catch threats.
  • Legal and privacy teams are increasingly uncomfortable with:
            - Full content inspection of personal or sensitive data.
            - Cross-border routing through cloud inspection points.

Emerging patterns

  • Selective decryption policies based on:
            - Destination categorization (e.g., do not decrypt banking or healthcare).
            - User groups and jurisdiction.
            - Risk scoring (high-risk destinations get deeper inspection).
  • Inline and out-of-band TLS inspection coexist:
            - Inline for web and SaaS traffic.
            - Out-of-band mirroring with hardware offload or NDR solutions.

My role has shifted from justifying the need for inspection to designing nuanced inspection policies that balance security, user experience, and compliance.
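The selective decryption patterns above (category exemptions, jurisdiction rules, risk tiers, and the inline versus out-of-band split) combine into an ordered decision. The following is an added illustration, not code from the article or from any vendor product; the category names, jurisdictions, user groups and risk thresholds are constructed assumptions. It also shows why rule order matters: a privacy exemption has to win over a high risk score.

```python
from dataclasses import dataclass

# Constructed sample policy data for illustration; names and thresholds are
# assumptions, not any product's defaults.
PRIVACY_EXEMPT = {"banking", "healthcare"}          # never decrypted
PERSONAL = {"personal-email", "social"}             # exempt for some jurisdictions
NO_PERSONAL_INSPECTION = {"EU"}                      # jurisdictions with that constraint
INLINE_CATEGORIES = {"web", "saas", "personal-email", "social"}

@dataclass(frozen=True)
class Flow:
    user_group: str        # e.g. "employees", "contractors", "privileged"
    jurisdiction: str      # where the user (and their data) sits
    dest_category: str     # from URL/destination categorisation
    risk_score: int        # 0-100 destination risk from a reputation feed (assumed)

def decryption_action(flow: Flow) -> tuple[str, str]:
    """Return (action, reason) for a TLS flow: 'bypass', 'inspect' or 'deep_inspect'.

    Rule order matters: privacy/regulatory exemptions are evaluated before
    risk scoring, so a high-risk banking destination is still not decrypted.
    """
    if flow.dest_category in PRIVACY_EXEMPT:
        return "bypass", f"{flow.dest_category} exempt for privacy/regulation"
    if flow.jurisdiction in NO_PERSONAL_INSPECTION and flow.dest_category in PERSONAL:
        return "bypass", f"personal traffic not inspected for {flow.jurisdiction} users"
    if flow.risk_score >= 70:
        return "deep_inspect", f"risk score {flow.risk_score} >= 70"
    if flow.user_group == "contractors":
        return "inspect", "third-party users always inspected"
    if flow.risk_score >= 40:
        return "inspect", f"risk score {flow.risk_score} >= 40"
    return "bypass", "low-risk destination, inspection not justified"

def placement(flow: Flow) -> str:
    """Inline inspection for web/SaaS; out-of-band mirroring (NDR/offload) for the rest."""
    return "inline" if flow.dest_category in INLINE_CATEGORIES else "out_of_band"

def evaluate(flows):
    """Map each flow to (action, placement, reason); bypassed flows need no inspection point."""
    decisions = []
    for f in flows:
        action, reason = decryption_action(f)
        decisions.append((action, placement(f) if action != "bypass" else "none", reason))
    return decisions

if __name__ == "__main__":
    samples = [Flow("employees", "UK", "banking", 85), Flow("employees", "EU", "social", 50),
               Flow("contractors", "US", "saas", 10), Flow("employees", "UK", "internal-app", 75)]
    for f, d in zip(samples, evaluate(samples)):
        print(f.dest_category, "->", d)
```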

The “Cloudification” of Network Security: from appliances to services

Even the most hardware‑centric clients are realizing they cannot scale just with appliances.

What is driving this?

  • Distributed workforces and cloud apps make backhauling traffic to on‑prem firewalls less viable.
  • Hardware refresh cycles are being re-examined:
            - “Do we refresh all these firewalls, or move some functions to the cloud?”
  • More RFPs explicitly ask for:
            - “Cloud-first” or “service-based” options.
            - Unified management portals across on‑prem and cloud.

How architectures are shifting

  • Hybrid models:
            - Core data centres still run hardware firewalls (for east-west, high-throughput workloads).
            - Internet and SaaS-bound traffic is secured via SASE/SSE.
  • Policy abstraction:
            - Instead of “this rule on that firewall,” we now talk in terms of global policies applied to users, groups, or applications, independent of location.

This is where customers either gain massive simplicity or end up with two parallel worlds (on‑prem policy vs cloud policy). The determining factor is how thoughtfully we design the transition.

Consolidation vs Best-of-Breed: The platform debate

The industry is in the middle of a consolidation wave.

Customer reality

  • Most security teams are:
            - Overwhelmed by too many tools.
            - Short-staffed, especially in SecOps.
            - Under pressure to show ROI on previous purchases.
  • This drives a preference for:
            - Fewer vendors with broader platforms.
            - Integrated logging, policy, and identity hooks.

The trade-offs I help customers navigate

  • Platform benefits:
            - Simplified operations, fewer consoles.
            - Unified support and procurement.
            - Better integration out-of-the-box.
  • Risks:
            - Vendor lock-in.
            - Some components may be “good enough” rather than best-in-class.
            - M&A-driven portfolios that are not truly integrated yet.

Selection now often comes down to: Where do you absolutely need best‑of‑breed, and where is “platform-good” acceptable? A lot of my role is to help prioritize those decisions.

A recent example:

I worked with an automotive company that has an SD-WAN spanning the globe and had already invested in an SSE solution but had not unlocked its full potential. They wanted to take the next step by implementing ZTNA to monitor and secure North-South and East-West traffic, provide secure access to business applications for contractors and third parties, utilise the SSE global backbone, and manage their policies through a single interface. We assessed their network topology, mapped their application flows, identified traffic that was SaaS-bound, and designed a phased SASE migration approach that minimised disruption to business operations.

Closing Thoughts: From buzzwords to baselines

So, what does it actually look like when an organisation moves from hype to how?

If there is one thread running through everything above, it is this: the industry has finally caught up with its own ambitions.

ZTNA has evolved from a niche “VPN replacement” to a central pillar of modern security architecture. The key advancements (identity first, continuous context-aware verification, app-level micro-segmentation, SSE/SASE convergence, deeper device integration, support for legacy and machine identities, and rich analytics) have made Zero Trust genuinely implementable at scale.

But the most significant change is not technology. It is mindset.

We are finally moving away from "trusted networks" to earned, continuously validated access. This is precisely what we always said we wanted but could not quite operationalise. The organisations that are succeeding are not the ones with the biggest budgets or the newest kit. They are the ones that invest equally in people, process, and technology, and treat security transformation as a programme, not a project.

So where should you start?

If you are reading this and recognising your own environment in these patterns, here is my advice:

  1. Pick one high-value use case. Do not try to transform everything at once.
  2. Map what you already own. Most organisations are under-utilising existing licences.
  3. Invest in operationalisation. Runbooks, training, and cross-team alignment matter more than another product purchase.
  4. Measure outcomes, not activity. "Reduced lateral movement risk by 40%" beats "deployed 12 new policies."

Every customer I work with is somewhere on this journey, from hearing the hype to figuring out the how. The organisations that succeed are the ones that stop chasing perfect architectures and start with pragmatic, outcome-driven steps.

Ready to have the conversation?

Go from hype to how. Let us start the conversation.

Whether you are planning a SASE migration, starting your Zero Trust journey, or simply want an honest assessment of where your security architecture stands today, Insight's Cisco practice specialists are here to help.

If you’d like to discuss what this could mean for your organisation, please get in touch: UKCiscoCX@insight.com.


About the author

Jon Hackett is a Network Security Consultant in Insight's dedicated Cisco practice, based in the UK. With 30 years of experience designing, deploying and supporting enterprise security architectures across financial services, public sector, retail, and manufacturing, Jon specialises in network security, SASE/SSE migration, Zero Trust implementation, and helping organisations bridge the gap between security strategy and operational reality, working daily with customers navigating the shift from legacy perimeter security to modern, identity-driven architectures.