Rapid increase in the widespread acceptance of zero trust security models approaches near-universal implementation
In the ever-evolving landscape of cybersecurity, the concept of Zero Trust is no longer a theoretical idea, but an active initiative being implemented by almost every organization across various industries. According to Christopher Niggel, regional chief security officer for the Americas at Okta, this shift is a response to the need to safeguard systems, data, workforces, and customers in the new digital environment.
The shift towards Zero Trust was highlighted in a report by Okta, released in mid-2022. The study, conducted by Pulse Q&A and commissioned by Okta, surveyed security decision-makers from various global regions. The report indicates that companies have largely migrated their applications to the cloud, a necessary step in the implementation of Zero Trust.
In a Zero Trust security model, companies will require anyone accessing their network to confirm their identity. This emphasis on strong identity practices, as noted by Charlie Winckless, senior director analyst at Gartner, seems to be a key factor in the success of Zero Trust implementation. Winckless also emphasizes that identity and context are the core underpinnings of the Zero-Trust approach.
The report shows almost universal adoption of zero-trust principles, with 97% of businesses either having a Zero Trust initiative or planning to adopt one in the next 12-18 months. This significant increase from 24% a year ago, as indicated by the State of Zero Trust report from Okta, signifies a rapid shift in cybersecurity strategies.
However, Winckless cautions that implementing Zero Trust will be a long journey for many organizations due to complexity and cultural change. David Holmes, senior analyst at Forrester, predicts this change for companies, especially in light of the widespread adoption of remote access post-pandemic.
To prevent unauthorized access to sensitive data, companies will limit access privileges and invest in new security measures to confirm identity. The new environment necessitates the replacement of perimeter-based approaches and low-assurance security factors such as passwords, which leave organizations susceptible to attacks.
The report also indicates that companies will focus on rolling out passwordless access over the next 12-18 months. This shift towards more secure authentication methods is a response to the challenges posed by password-based systems, which are often prone to breaches and hacking.
The adoption of Zero Trust network access technology will replace VPNs for a more secure gateway and better remote worker experience. As hybrid workers spend the vast majority of their time working from home or some other remote location, this technology is crucial for securing the digital workplace.
In conclusion, the shift towards Zero Trust security is a significant response to the challenges posed by the digital transformation and the widespread adoption of remote work. As more and more companies adopt this approach, we can expect to see a more secure digital landscape in the future.
