Strategic Cyber Environment Management with Zero Trust and Cyber Counterintelligence

Organisations need to improve their information security practices, given the volume of successful cyberattacks and crimes. To enhance security in an organisation, information security must be considered a business issue, instead of a technical problem. Hence, organisations must change the security protocol from reactive action to proactive operation; must develop information security strategies that support the business; should implement better controls, systems, and services; and must create a process to proactively gather information about the possible threats and adversaries. This study proposes a novel method for combining a zero-trust strategy with cyber counterintelligence to gain th…