IT disaster recovery, cloud computing and information security news

Study finds strong interest in zero trust strategies for cyber security improvement

Enterprise Strategy Group (ESG) has released new research that found, despite the challenges posed by the pandemic, most organizations have either pressed forward as planned or accelerated their zero trust initiatives.

Zero trust strategies assume the network is compromised and brokers resource-specific access in isolation from network access through a least-privileged approach supported by continuous authentication, authorization, and risk evaluation for every request. These initiatives have seen increased interest over the last few years as enterprise architectures have become more distributed.

The ESG study surveyed 421 security and IT professionals responsible for driving zero trust security strategies and evaluating, purchasing, and managing related security technology products and services. It found that three-quarters of organizations are allocating net-new budget for zero trust programs and the vast majority plan to increase spending over the next 12-18 months.

While interest and budget for zero trust are robust, there remains some level of confusion in the market as to what the term means, where to start, and what technologies are required to support these initiatives. There does appear to be growing understanding that zero trust should be viewed as a strategic approach. However, most organizations continue to take a technology-centric view.

The study’s key findings include:

  • Most organizations (51 percent) view zero trust as an avenue towards overall cyber security program modernization, updating traditional security processes and procedures to better align with today’s distributed enterprise reality.
  • More than half (53 percent) of organizations began their zero trust journey with a specific use case, then broadened that strategy over time.
  • 40 percent of organizations say they have either paused or abandoned a zero trust project they had previously started—often due to organizational and personnel issues.
  • Organizations that have yet to implement zero trust do maintain some negative perceptions of the initiative, especially around complexity, cost, and user experience.
  • Organizations that have implemented zero trust report a variety of benefits ranging from reduced cyber security incidents and data breaches.

More details.



Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.