Actually "zero trust and segmentation" is the main policy that can enable the insertion of a backdoor in a circuit.
There are many large companies which discourage or forbid the access of the designers to other parts of the project than those that are strictly required to do their jobs.
The result is that very few, if any, have any understanding about how the entire device is supposed to work, besides of passing the cases of the testing plan.
Because of that, even if some backdoor is inserted and everybody sees it, there are good chances that nobody can guess its purpose and recognize that it is something that should not be there.
I was referring to the network, not the people building the hardware. The article asks a question at the end. How does one defend against a hardware trojan? Where that trojan would exist, perhaps dormant and invisible, inside a critical asset.
What safe guards are there from a hardware trojan? Solutions like zero trust and segmentation only go so far in a scenario like this.