Join online with today’s leading executives at the Data Summit on March 9th. Register here.
A new survey by Optive Security found that 100% “believe that zero trust architecture is somewhat” important in reducing their enterprise’s cyber risk “critically”. They note the top three objectives for adopting a zero-confidence strategy, which include reducing the ability to move alongside attackers, enforcing minimal privileged access to critical resources, and reducing the level of enterprise attack.
However, despite acknowledging its importance, only 21% of people have adopted zero confidence as a foundational model in their entire enterprise. The problem is that only 32% of their ventures have high cyber security maturity.
Why does this coincidence between belief and action exist? The survey noted some cultural and environmental factors hindering the evolution of zero trust in their organization. The top three include: too many internal silos / stakeholders for different components of zero trust (47%); Too many inherited techniques that do not “support” zero trust (44%); Lack of internal skills to develop zero trust roadmap and policies (39%).
Jerry Chapman, Optiv’s engineering fellow, believes it wasn’t surprising that employee problems topped the list of zero trust barriers. “Organizations are very silly, and zero trust goes into the whole organization,” he said. “Silos can create obstacles when you start talking about how to start with zero confidence and what framework to bring down.”
The good news is that there is hope for organizations that have lagged behind in the journey of zero trust. To overcome the barriers of talent and technology with zero confidence, about three-quarters of people expect to engage external service providers to help them on their journey. Respondents note that their top three reasons for engaging third-party providers are that they evaluate their current status and identify gaps, recommend improvements to the process, and create / refine a zero trust roadmap.
The path to zero confidence is a journey, not a race, and Optiv’s new research report shows that many companies are on the road to success.
The Optive Security survey was conducted between June and October 2021 with Palo Alto Networks and the Information Security Media Group (ISMG). The survey polled 150 CISOs, CSOs and other security professionals in various fields, including finance, healthcare, high-tech and government, to measure their efforts and investments around zero confidence.
Read the full report by Optive Security.
Venturebeat’s mission Digital Town Square is set to become a place for technical decision makers to gain knowledge about the changing enterprise technology and practices. Learn more