Articles

Zero Trust Came for the Network. Now It’s Coming for the Human.

July 16, 2026
Author
Katelyn Halbert
Senior Talent Acquisition Partner

Key takeaways

  • AI has broken trust: voice and video deepfakes now impersonate executives, employees, and customers at enterprise scale, making identity the new attack surface.
  • Gartner has named the shift, introducing digital trust and authenticity platforms (DTAPs) and a “media zero trust” (MZT) posture: treat digital media as fake until it is authenticated as real.
  • Gartner also names the operational function this creates: TrustOps, led eventually by a Chief Trust Officer (CTO).
  • The surface this leaves exposed is the live human interaction: the voice on the call, the face in the video meeting.

For a decade, security teams operated on one hard-won principle: trust nothing by default. Not the device, not the packet, not the login. We called it zero trust, and it reshaped how enterprises defend themselves.

AI changed what “nothing” means

In 2025, AI-enabled fraud grew 1,210%, according to Pindrop’s internal analysis of voice and call-center attack data. At the same time, non-AI fraud is also increasing at 195%.

The gap between those two numbers is the story. Traditional attacks are still climbing, but AI-enabled ones are climbing roughly six times faster, and they are not aimed at your firewall. They target the one interface your controls were never designed to inspect: the live human on the other end of a conversation.

70%

Of digital content synthetic by 2027. Gartner.

$25B

Authentication spend by 2030. Gartner.

$200M+

Q1 2025 NA deepfake fraud losses. WEF from Gartner report.

The voice on the call. The face in the video meeting. The candidate in the interview. The executive whose urgent request arrives by email and then gets “confirmed” by a follow-up call. Voice deepfakes, video deepfakes, and AI voice cloning make any of those synthetic, generated at low cost, and convincing enough to fool the people who know the real person best.

This isn’t hypothetical. In 2024, an employee at global engineering firm Arup joined what looked like a routine video call with the company’s CFO and several colleagues—and wired $25 million after being instructed to, before anyone realized every other person on that call was a deepfake. This is deepfake social engineering, and it is why executive impersonation and account takeover now start with a conversation that feels completely normal.

The market just named the shift: digital trust and authenticity platforms (DTAPs)

This is not only Pindrop’s read of the landscape. In the 2026 Gartner® report Emerging Tech: AI Vendor Race: Eroding Digital Trust Threatens the Global Economy, Forcing Adoption of Digital Trust and Authenticity Platforms (Alfredo Ramirez IV, Apeksha Kaushik, 5 March 2026), Gartner introduces a new category and a new posture.

What is a DTAP?

A digital trust and authenticity platform (DTAP) is a system that authenticates what is real and flags what is fake, bringing together three capability areas: content authenticity, impersonation prevention, and narrative intelligence. The posture Gartner pairs with it is media zero trust (MZT): treat digital media as fake unless it is authenticated as real.

Read that again, because it is a real inversion. For most of computing history, content was innocent until proven guilty. Gartner now describes a world where the default assumption flips. Two of the report’s Strategic Planning Assumptions explain why:

  • “By 2027, more than 70% of all digital content will be synthetic, making it as important to prove what is true as to detect what is false.”
  • “Trust in digital content is so important that, in 2030, enterprises will spend more than $25 billion authenticating it.”

When most of what crosses your network is synthetic media, detecting fakes after the fact stops scaling. You have to authenticate what is real, at the moment it matters.

Gartner’s three DTAP capability areas

Content authenticity

  • Content credential analysis
  • Multimodal deepfake detection
  • Manipulated media analysis
  • Pixel analysis and heat mapping

Impersonation detection

  • Biometric analysis
  • Behavioral analysis
  • Name/image/likeness monitoring
  • Identity graphing

Narrative intelligence

  • Attacker and target attribution
  • Platform contagion and spread
  • Bot-based amplification attribution
  • Intent analysis

Source: Gartner, Inc. (March 2026)

Gartner names nine Sample Vendors across these capability areas—an illustrative, nonexhaustive list that includes Pindrop. More on where we fit below.

What “media zero trust” really means

Media zero trust is, at its core, zero trust applied to content and identity. And once you accept the premise, an uncomfortable conclusion follows quickly: the least protected surface in most enterprises today is the real-time human interaction.

We hardened the network. We hardened endpoints and identities for machines and applications. But the live conversation, the channel where trust is actually exchanged and decisions actually get made, still runs on a decades-old assumption: if it sounds like her and answers like her, it is her.

In the deepfake era, that assumption is a vulnerability.

‘It sounded just like him’ is no longer reassurance. It is the attack.

The rise of TrustOps and the Chief Trust Officer

Gartner doesn’t stop at naming the technology category. It names the job that has to own it.

The report introduces TrustOps: an operational discipline, distinct from existing cybersecurity or GRC functions, responsible for the provenance, accuracy, chain of custody, and audit trail of the content and communications an organization sends and receives. Gartner expects it to be governed by a trust council and, eventually, led by a Chief Trust Officer (CTrO)—a role Gartner describes as already existing at some organizations, but still underutilized relative to the risk it’s meant to own.

It’s a familiar pattern. The CISO role went through the same arc two decades ago: a function born out of a threat that had outgrown whichever department first absorbed it, formalized once boards needed one person to answer for it. If Gartner’s timeline holds, “who owns trust” becomes a board-level question well before TrustOps is a standard org-chart line item.

For security and risk leaders, the practical takeaway now: the tooling that answers “is this real, and is this the right person” isn’t a future nice-to-have that gets bolted onto TrustOps once it exists. It’s the system of record TrustOps will be built on. Getting continuous identity verification in place ahead of the org chart catching up is the cheaper order of operations.

What continuous identity verification is, and how it works

If media zero trust is the principle, continuous identity verification is the practice. Continuous identity verification is the practice of confirming, live and continuously throughout an interaction, that the human on the other end is both real and the specific person they claim to be, across voice, video, and digital channels.

Catching a fake after a fraudulent wire has cleared, or after a fake candidate has been onboarded, is forensics, not defense. What the moment demands is real-time voice and video verification that answers three questions on every call and every video interaction:

  • Is this a machine, or a person? Deepfake and synthetic-voice detection.
  • Is this a known bad actor? Fraud and impersonation detection.
  • Is this the right human? Identity authentication.

Answer those three, continuously, and you have extended zero trust to the surface it never reached. You have made the live conversation something your security stack can finally see.

Where Pindrop fits in the DTAP category

This is the layer we have spent years building. Pindrop’s Real Human + Right Human® Platform is a continuous identity verification layer for real-time communications, designed to answer exactly those three questions as a conversation happens rather than after it ends. It combines deepfake detection, fraud detection, and identity authentication across voice, video, and digital channels.

Gartner names Pindrop as a Sample Vendor in the DTAP report. That list is illustrative and nonexhaustive, and Gartner does not endorse the vendors it includes. But we believe our presence on it reflects where we placed our bet years ago: that the enterprise response to synthetic media would not be another detection tool bolted onto the old stack, but a continuous verification layer for the human interactions that matter most.

Pindrop is trusted by the institutions where identity can’t be wrong

  • 7 of the 10 top banks
  • 5 of the top insurers
  • Top 3 healthcare providers

We are not going to pretend this is solved. Attackers are fast, well-funded, and improving. But the shape of the answer is now clear, and the market has a name for it.

The takeaway worth repeating

Here is the reframe worth keeping: we spent ten years learning not to trust the network. The deepfake era is teaching us not to trust our own eyes and ears, at least not until something has verified, in real time, that there is a real and right human behind them.

Zero trust was never really about the network. It was about refusing to grant trust by default and instead earning it, continuously, with proof. That principle did not expire when the attack surface moved to the human. It just found its most important application yet.

Trust, at the speed of AI, is now the enterprise’s job. The good news is that it is a job we finally know how to do.

How deepfakes infiltrate hiring

A digital trust and authenticity platform (DTAP) is a system that authenticates real content and identifies and flags fake ones. Gartner describes DTAPs as combining three capability areas: content authenticity, impersonation detection, and narrative intelligence.

Media zero trust (MZT) is a security posture, described by Gartner, of treating digital media as fake unless it is authenticated as real. It applies the zero-trust principle—trust nothing by default—to content and identity.

Continuous identity verification is the practice of confirming, in real time and throughout an interaction, that the human on the other end of a communication is both real and the specific person they claim to be, across voice, video, and digital channels.

Deepfake voices and videos are used to impersonate executives, employees, and customers in real-time communications—executive impersonation on calls and video meetings, fake job candidates in interviews, and voice deepfakes that power social engineering and account takeover, as in the
2024 Arup case, where a deepfaked video call led to a $25 million loss.

TrustOps is an operational discipline, named by Gartner, responsible for the provenance, accuracy, chain of custody, and audit trail of an organization’s digital content and communications. It sits apart from existing cybersecurity and GRC functions and is expected to be governed by a trust council.

A Chief Trust Officer (CTrO) is an executive role, described by Gartner, responsible for an organization’s TrustOps function. Gartner notes the role exists at some organizations today but remains underutilized relative to the risk it’s meant to manage.

Yes. Pindrop is named as a Sample Vendor in the 2026 Gartner report Emerging Tech: AI Vendor Race: Eroding Digital Trust Threatens the Global Economy, Forcing Adoption of Digital Trust and Authenticity Platforms. The Sample Vendor list is illustrative and nonexhaustive, and Gartner does not endorse the vendors it includes.

Access the Gartner report and learn about DTAPs, media zero trust, and TrustOps.

SOURCES
Gartner, Inc., Emerging Tech: AI Vendor Race: Eroding Digital Trust Threatens the Global Economy, Forcing
Adoption of Digital Trust and Authenticity Platforms, Alfredo Ramirez IV, Apeksha Kaushik, 5 March 2026 (ID G00840381).

Gartner does not endorse any company, vendor, product or service depicted in its publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner publications consist of the opinions of Gartner’s business and technology insights organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this publication, including any warranties of merchantability or fitness for a particular purpose.

GARTNER is a trademark of Gartner, Inc. and/or its affiliates and is used herein with permission. All rights reserved.

Digital trust isn’t
optional—it’s essential

Take the first step toward a safer, more secure future for your business.