Zero trust is the biggest cybersecurity advancement in the past decade.

We have had "trust but verify" and we have just evolved to automate this notion. However, I am with Nigel Hedges that Zero Trust is a bad name. The Zero Trust strategy has re-oriented the "trust but verify" idea by automating the validation of the components that we have evolved into using (identity, workload, data, network, etc.). However, not sure I would classify as the largest cybersecurity advancement; especially with AI/ML/LLMs, Quantum PQC, and other areas of advancement.

Not to throw a cat amongst the pigeons here, and I know I've lost this battle, but I really don't like the name Zero Trust. I was asked a couple of years ago at the peak of hype in my country around zero trust, and I was that as far as investments go I would rather sell a poop-sandwich to my execs than lead with zero trust. Why? Because all business world wide since the dawn of time has been built on trust. 

To be clear, I'm not against _everything_ that is behind the zero trust architecture and model, I'm a big believer in identity-first projects and need-to-know provisioning of all kinds... I just wish they'd picked a different name. Especially during a decade when the security function is trying to re-cast itself as enablers.

I hope the next concept paradigm to go viral has a better name.