Aerospace and Defense
Automotive
Consumer and Retail
Energy
Financial Services
Healthcare
Insurance
Life sciences
Manufacturing
Public Sector
Technology, Media and Telecommunications
Travel and Transportation
AGIG's Customer Service Transformation
Agentic AI in Insurance
Addressing Technical Debt with DXC Assure Platform
The Hogan API Microservices solution
Build & Innovate
Manage & Optimize
Protect & Scale
AI & Data
DXC IoT & Digital Twin Services
Strategize and accelerate your AI agenda
Explore our tailored options to navigate change
Enhance operational effectiveness, maintain compliance and foster customer trust
Customer Stories
Knowledge Base
AI
Closing the AI execution gap
About DXC
Awards & Recognition
Careers
Partners
Events
Environmental, Social, Governance
Investor Relations
Newsroom
Leadership
Legal & Compliance
DXC leads in the age of AI
Partnership with Manchester United
Partnership with Scuderia Ferrari
Growth Drivers | Updated on July 7, 2025
Picture a castle surrounded by a massive wall, complete with watchtowers and a moat. Anything inside the wall is considered safe, while anything outside is potentially harmful. This is how traditional security models used to operate, treating the internal network as a safe zone.
The problem with this approach is that castles can be breached, walls can be scaled, and internal threats exist. And once an attacker gets inside, they have free rein over everything inside.
In the zero-trust model, there is no inside or outside the castle. Everyone and everything is considered a potential threat until verified.
Zero trust operates on the principle of never trust, always verify, rather than granting implicit trust to all users inside a network. It's a strategy that organizations of all sizes are implementing to protect users, devices, networks, applications and data. This helps address the cybersecurity risks posed by remote workers, hybrid cloud services, personally owned devices and other elements of today’s corporate networks.
Think of a zero-trust model as a watchful security guard who meticulously and repeatedly checks your credentials before granting you entrance to the office building where you work, even if they are familiar with you. They, then, constantly repeat this process to confirm your identity.
Without this kind of robust solution in place, it can be challenging for organizations to have a clear picture of who has access to data and what they are doing with that data. And companies can unnecessarily expose themselves to costly data breaches and other security incidents.
A Gartner survey revealed that while 63% of organizations worldwide have fully or partially implemented a zero-trust strategy, the scope and impact of these initiatives remained limited.
When DXC examined the future of its own business over four years ago, it became clear that taking a virtual-first approach would require a fundamental shift in mindset. DXC knew it needed to leave behind the traditional location-centric model and adopt an identity-centric approach that controls access based on user identity and other attributes.
With that goal in mind, DXC began to migrate away from its traditional perimeter-based security architecture consisting of firewalls and multiple VPNs used by employees to connect to customer systems. To support our hybrid environment and boost our security posture, we decided to adopt a zero-trust architecture and roadmap.
One thing we learned is that when embarking on the zero-trust journey, it’s imperative to be fully aware of what one’s technical landscape encompasses and how best to protect those assets. This means creating a full log of users, devices, programs and services so that IT teams can allocate who has access to which parts of the network.
Simply put, holes in the inventory infrastructure could result in security risks for our organization.
The DXC security team also set up a policy engine that has full visibility into all network activity and continuously verifies and enforces activities against these policies.
To scale our business in a secure way, DXC needed a way to manage access across our entire IT estate. For that we used a zero-trust network access service that verifies users and grants access to specific applications based on identity and context policies.
For example, employees on the accounting team can work on payroll applications and have the same user experience from the home or office, as long as they and their devices are automatically authenticated each time they access these systems via constant secure state revalidation.
The team also used a cloud-based platform that securely connects users, devices and applications across different networks, including in any of our six global data centers. And advanced logging and reporting capabilities provided us with the necessary visibility into data access events, while also supporting compliance efforts.
As a result of this work, DXC improved its security posture, blocking 9.2 million threats and preventing 1.3 billion policy violations in one quarter.
For industries that handle sensitive information, zero trust offers an extra layer of protection.
For example, a global manufacturer needed to maintain continuous, secure data exchange with customers and increase cyber resiliency across its on-site and remote workforces. DXC helped move the company to a cloud-native, zero-trust security strategy that increased control and improved visibility of the security landscape and made the business more resilient to inner and outer threats.
A European utility company struggled to manage fast-emerging cyber threats and increased regulatory requirements to protect the essential services they provide. DXC deployed a cloud-based secure service edge solution that provided safe access to applications, ensured adequate malware threat identification and prevention, met regulatory requirements and simplified ongoing operations.
A multinational energy and petrochemical company required simplified, secure connectivity for its global workforce logging in from offices, coffee shops, offshore and a range of other locations. DXC’s integrated solution provided rich intelligence and constant security validation and gave employees secure access to critical applications from anywhere.
Remember, zero trust is not a discrete solution but rather a strategy driver and mindset backed by technology. And DXC experts can help guide customers on their zero-trust journey.
DXC’s full range of security expertise includes deep experience in zero trust architecture and identity and access management, with over 450 million digital identities under management, along with world-class detection and response capabilities.
Learn more about DXC’s work around digital identity
Discover more about securing network platforms at global scale
Explore DXC's zero trust security solutions
Learn about the five ways to apply a zero-trust approach in the financial services industry