Zero Trust is a popular security framework since it mandates constant authentication and authorization of all users and endpoints in order to prevent security breaches. This, a recent study confirms.
According to a survey conducted by Okta among 700 directors and C-suite security decision-makers from a wide range of industries, 97% of firms either already have a Zero Trust project or aim to implement one over the next 18 months.
From 2018 levels (16% of respondents), this is an increase of over 500%.
Strategic preparation and difficulties
While the Zero Trust security framework may be enjoying meteoric rise in popularity, not everywhere is on board. Only 36% of organizations in the EMEA region have a plan in place, compared to 59% in North America and 50% in Asia-Pacific. Though, with the increased investment in the region, European businesses will soon catch up to their North American counterparts (90% are raising expenditures, compared to 83% in APAC and 77% in North America).
Finding qualified personnel to adopt and maintain Zero Trust appears to be the greatest difficulty for enterprises worldwide, with budgetary concerns also being voiced by EMEA-based organizations.
80% of security strategies prioritise identification. 19% term it “business important,” hence practically all organizations (99%) consider identification as a crucial component in Zero Trust. 26% of CISOs and C-suite execs call it business-critical.
Balance between usability and security is another Zero Trust problem. In APAC and North America, businesses prioritise security more than in EMEA.
Companies are leveraging pandemic-era investments in usability and catching up on security debt, said Okta’s Ian Lowe. “But they’re realising that higher security and usability aren’t incompatible. Passwordless solutions, for example, make logging in frictionless and more secure.