Surge in ransomware is driving zero trust adoption

Trust
(Image credit: Image Credit: Xtock / Shutterstock)

Nothing drives the adoption of zero-trust network access (ZTNA) solutions like a good, old-fashioned, ransomware attack, a new report has claimed.

Findings from Sophos saw awareness of ZTNA is much higher among those companies that had suffered a ransomware attack, than among those that hadn’t. 

Surveying 5,400 IT professionals, Sophos found those who’d been hit by ransomware are almost 50% more likely to be “very familiar” with ZTNA, compared to those that hadn’t experienced such an incident (39%). The percentage is even higher (71%) among those who paid the ransom. 

Adopting ZTNA

To put things in even more perspective - just 10% of ransomware victims had no idea what ZTNA is, compared to 21% of those that suffered a ransomware attack in the last 12 months.

But these organizations are not just “aware” of the solution - many are also implementing it. Sophos has found that a quarter (25%) of victims have already fully adopted ZTNA, something only 17% of those free of ransomware incidents had done. Among the victims, 40% of those who paid the ransom already deployed ZTNA.

Drilling deeper into these companies’ motivations, most were inclined to deploy ZTNA to improve their overall cybersecurity posture, simplify their cybersecurity operations, and support their move to increased use of the cloud.

Perimeter 81 is a Forrester New Wave™ ZTNA Leader 

<a href="https://www.perimeter81.com/lp/ztna-vs-vpn?a_aid=2380&a_bid=1682633c&chan=code4&data1=db" data-link-merchant="perimeter81.com"">Perimeter 81 is a Forrester New Wave™ ZTNA Leader 

Ditch your legacy VPN hardware and automate your network security with ZTNA.  Secure remote access from anywhere with just a few clicks. Onboard your entire organization in minutes, not days. Learn why Perimeter 81 is one of TechRadar's choices for the best ZTNA security providers. <a href="https://www.perimeter81.com/lp/ztna-vs-vpn?a_aid=2380&a_bid=1682633c&chan=code4&data1=db" data-link-merchant="perimeter81.com"" data-link-merchant="perimeter81.com"">Download the report.

However, many are also interested in moving from a CAPEX to an OPEX model, and to ditch vulnerable VPN client software. In fact, ever since the pandemic made businesses send most of their employees home, accessing the corporate network via VPN has become standard practice. 

As a result, malicious actors have been increasingly targeting vulnerable VPNs as their entry points, and have been relatively successful in that respect.

By removing the need for VPN clients, ZTNA reduces the attack surface, making it harder for ransomware actors to get on your network, Sophos concludes.

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.