What does it really take to move from talking about Zero Trust… to actually making it work in the real world?
Recording live from IGEL Now And Next in Miami, I caught up with John Walsh for what has now become something of a tradition, our third conversation together, and one that reflects just how much has changed in the last 12 months.
When we last spoke, the focus was on securing the edge and rethinking security through a preventative lens. This time, the conversation has expanded from IT to OT, from devices to platforms, and from theory to real-world implementation across manufacturing floors, healthcare environments, and government organizations.
John shared how IGEL is increasingly being adopted as a global standard across both IT and operational environments, bringing new challenges and new insights. From kiosks and signage on factory floors to shared workstations in hospitals, the need for persona-based and now context-aware access is becoming far more than a technical concept. It is shaping how organizations think about identity, risk, and control at scale.
We also explored how the idea of the "adaptive secure desktop" is evolving beyond traditional VDI thinking. Instead of static devices, the focus is shifting toward environments that respond dynamically to the user, their role, their location, and the level of risk in that moment. It raises an important question. How do you deliver that level of control without introducing friction for the user?
AI inevitably entered the conversation, but not in the way many might expect. Rather than focusing on features, John highlighted the acceleration of threat velocity. The time between vulnerability discovery and exploitation is shrinking rapidly, and with AI amplifying that speed, traditional detection and response models are struggling to keep up. The implication is clear. Security strategies need to shift toward prevention and control, not just reaction.
We also touched on emerging challenges around agentic AI, non-human identities, and the need to apply Zero Trust principles beyond people to machines. As organizations begin to explore these new models, questions around identity, access, and guardrails are becoming more complex and more urgent.
And throughout the conversation, one theme kept coming back and reducing complexity while increasing control. Whether it is through immutable operating systems, centralized policy enforcement, or contextual access, the goal is to simplify the environment while strengthening security outcomes.
As organizations continue their journey toward modernization, one question remains: Are we still layering new technology onto old models, or are we ready to rethink how access, identity, and control are delivered from the ground up?
What do you think, is Zero Trust finally becoming real at the endpoint, or is there still a gap between strategy and execution?