Legacy, perimeter-centric models of information security are of no use in today’s digital businesses, as they are no longer bounded by the four walls of their corporation. Instead, CIOs must move toward a Zero Trust approach to security that is data- and identity-centric — and in our view is the only approach to security that works. In this report, we outline what constitutes Zero Trust, provide guidance on how to implement it, and summarize the key business benefits.