Although organizations are increasingly aware of the benefits of Zero Trust technology and even plan to adopt it, new research from One Identity has revealed that only 14 percent of businesses have implemented a Zero Trust strategy.
Following the release of the White House's “Executive Order on Improving the Nation's Cybersecurity” back in May, Zero Trust awareness continues to rise in the US and around the world. For this reason, One Identity commissioned Dimensional Research to conduct a survey of 1,009 IT security professionals to learn more about the current state of Zero Trust awareness and adoption across the enterprise.
Surprisingly, the survey revealed that only one in five security stakeholders are confident in their organizations' understanding of Zero Trust.
For those unaware, the concept of Zero Trust was created by Forrester's John Kindervag and is based on the realization that traditional security models operate on the outdated assumption that everything inside an organization's network should be trusted. Instead, the Zero Trust model recognizes that trust can be a vulnerability as once inside an organization's network, users including threat actors and malicious insiders, are free to move laterally and access or exfiltrate whatever data they are not limited to according to a blog post from Palo Alto Networks.
Implementing Zero Trust
Despite the fact that 75 percent of organizations recognize Zero Trust as being critically or very important to bolstering their cybersecurity posture, only 14 percent have fully implemented a solution according to One Identity's research.
However, 39 percent of organizations have begun to address this important need with an additional 22 percent planning to implement Zero Trust over the course of next year.
A lack of clarity on how adoption of this technology can be achieved is one of the key barriers to widespread Zero Trust success along with competing priorities and the belief that it can hinder business productivity. Of those surveyed, 61 percent of security professionals are focusing their implementation on reconfiguring access policies while 54 percent believe it begins with identifying how sensitive data moves throughout a network.
President and general manager of One Identity, Bhagwat Swaroop provided further insight on the survey's findings in a press release, saying:
“Organizations recognize that the traditional perimeter is no longer enough and that they will be best served by prioritizing identity security and taking steps to ensure bad actors are limited once they gain access. Zero Trust is fast becoming an enterprise imperative because it eliminates vulnerable permissions and excessive access by delivering a continuum of different rights across the organization to ultimately limit attack surfaces if they are breached.”
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.