Although organizations are increasingly aware of the benefits of Zero Trust technology and even plan to adopt it, new research from One Identity has revealed that only 14 percent of businesses have implemented a Zero Trust strategy.
Following the release of the White House's “Executive Order on Improving the Nation's Cybersecurity” back in May, Zero Trust awareness continues to rise in the US and around the world. For this reason, One Identity commissioned Dimensional Research to conduct a survey of 1,009 IT security professionals to learn more about the current state of Zero Trust awareness and adoption across the enterprise.
Surprisingly, the survey revealed that only one in five security stakeholders are confident in their organizations' understanding of Zero Trust.
For those unaware, the concept of Zero Trust was created by Forrester's John Kindervag and is based on the realization that traditional security models operate on the outdated assumption that everything inside an organization's network should be trusted. Instead, the Zero Trust model recognizes that trust can be a vulnerability as once inside an organization's network, users including threat actors and malicious insiders, are free to move laterally and access or exfiltrate whatever data they are not limited to according to a blog post from Palo Alto Networks.
Implementing Zero Trust
Despite the fact that 75 percent of organizations recognize Zero Trust as being critically or very important to bolstering their cybersecurity posture, only 14 percent have fully implemented a solution according to One Identity's research.
However, 39 percent of organizations have begun to address this important need with an additional 22 percent planning to implement Zero Trust over the course of next year.
A lack of clarity on how adoption of this technology can be achieved is one of the key barriers to widespread Zero Trust success along with competing priorities and the belief that it can hinder business productivity. Of those surveyed, 61 percent of security professionals are focusing their implementation on reconfiguring access policies while 54 percent believe it begins with identifying how sensitive data moves throughout a network.
President and general manager of One Identity, Bhagwat Swaroop provided further insight on the survey's findings in a press release, saying:
“Organizations recognize that the traditional perimeter is no longer enough and that they will be best served by prioritizing identity security and taking steps to ensure bad actors are limited once they gain access. Zero Trust is fast becoming an enterprise imperative because it eliminates vulnerable permissions and excessive access by delivering a continuum of different rights across the organization to ultimately limit attack surfaces if they are breached.”