Zero Trust Architecture: A Comprehensive Approach to Incident Response Management

Muhamad Zein Satria, H.A Danang Rimbawa, I Made Wiryana


Zero Trust Architecture is a modern security strategy based on the principle of “never trust, always verify”. This approach eliminates implicit trust from an organization’s network architecture and focuses on enterprise risk management practice across four phases: identification, assessment, response, and monitoring and reporting. Incident response refers to an organization’s processes and technologies for detecting and responding to cyberthreats, security breaches, or cyberattacks. An effective incident response plan helps cybersecurity teams detect and contain cyberthreats and restore affected systems faster, reducing the lost revenue, regulatory fines, and other costs associated with these threats. Zero Trust Architecture can be aligned with the four general categories of risk response strategies: tolerate, operate, monitor, and improve. By design, telemetry, state information, and risk assessment from threat protection feed into the Zero Trust policy engine to enable automatic response to threats. In this paper, we present a comprehensive approach to incident response management using Zero Trust Architecture. We discuss the key principles of Zero Trust Architecture and how they can be applied to incident response management to improve an organization’s overall security posture.


Keywords: Zero Trust Architecture; Comprehensive Approach; Incident Response Management; Modern Security Strategy








Copyright (c) 2024 Muhamad Zein Satria, H.A Danang Rimbawa, I Made Wiryana

This work is licensed under a Creative Commons Attribution 4.0 International License.