Zero Trust Architecture is expected to increase cybersecurity efficacy by 144%

This article was originally published on ModernCyber’s Blog

While many organizations and individuals agree, zero trust is the right strategy for cybersecurity, a report by Osterman Research, quantifies the benefits of zero trust. Osterman Research, a market research and consulting firm delivering insight on cybersecurity, data protection and information governance, surveyed 125 IT and security decision-makers in mid-sized and large organizations on the state of Zero Trust architecture adoption in their organizations.

Executive Summary

Zero trust offers a modern approach for security to meet modern work designs and tackle the cybersecurity challenges facing organizations. The rise in remote work, the relentless waves of ransomware and other cybersecurity attacks, and the need to redress fundamental weaknesses in perimeter-based security have coalesced to drive interest and uptake in zero trust architectures. First touted in 2004, organizations are progressing with zero trust designs to increase the efficacy of cybersecurity protections and build a stronger foundation to address the new challenges of hybrid work, data protection, and security. Organizations view strengthening identity and access management as the key design modification for zero trust initiatives, and confidential files the most important data source to protect. Most organizations expect to be fully deployed with a zero trust architecture within two years.

This white paper reports on how organizations are deploying and planning to deploy a zero trust architecture. It offers direction to decision-makers and influencers on best practices and solutions to support the move to zero trust.

Many expect zero trust to double the efficacy of their cybersecurity. Along with more than 90% of respondents confirm their organization is planning an enterprise-wide deployment for a zero trust architecture or within multiple business units. 73% of respondents are focused on identity and access management (IAM) for employees as the key design modification for zero trust. This most likely includes projects and implementations of single sign on (SSO), zero trust network access(ZTNA), network access control (NAC), multi-factor authentication (MFA) and device posture/hygiene.

One of the biggest challenges organizations face with zero trust adoption is technical debt and legacy systems. This was affirmed with 55% of respondents expressing that dealing with limitations in legacy systems is their top barrier against embracing zero trust.

53% of respondents cite high-profile ransomware incidents as the top motivator for integrating zero trust, closely followed by remote (51%) and hybrid (45%) work models.

Some of the additional insights from the report include:

• High profile ransomware incidents are having the largest impact on the decision to embrace Zero Trust.
• Near-term implementation is at hand with most organizations expecting to fully deploy Zero Trust architecture in two years or less.
• Resourcing and technical barriers are the major limitations, including financial limits, staffing shortages, and legacy systems that slow down Zero Trust adoption.
• The right combination of solutions are required to implement Zero Trust Zero Trust architecture; it’s not available in any single product.

While heading into 2022, where more research and data on zero trust will certainly be gathered and reported on, organizations can be assured that the zero trust can be their catalyst for cybersecurity efficacy. Read the full report or get in touch to discuss further.