According to Fortinet’s Global State of Zero Trust Report, most organizations have a vision of zero trust or are in the process of implementing zero-trust initiatives, and more than half are unable to transform these visions into actual solutions due to lack of some basic core fundamentals.
A FortiGuard Labs Threat Landscape report showed an increase in volume and sophistication of attacks targeting individuals, organizations, and increasingly critical infrastructure. Organizations are looking for solutions to protect against these evolving threats and zero trust is at the top of the list, but for multiple reasons.
Moreover, the shift to a work-from-anywhere setup has also put a spotlight on zero trust network access (ZTNA) in particular, as organizations need to protect important assets from workers connecting from poorly protected home networks.
Confusion Over Defining Zero-Trust Strategies
Despite respondents indicating that they understood zero trust and ZTNA concepts, and with over 80% already having zero-trust and/or ZTNA strategy in place or development, over 50% have indicated that they are unable to implement core zero-trust capabilities. Nearly 60% indicated that they do not have the ability to authenticate users and devices on an ongoing basis and 54% struggle to monitor users post-authentication.
This gap is concerning because these functions are critical tenets of zero-trust and it brings into question what the actual reality of these implementations are across organizations. Adding to the confusion are the terms Zero Trust Access” and “Zero Trust Network Access,” which are sometimes used interchangeably.
Zero Trust Is Top of Mind and Priorities Are Varied
For zero trust, the priority should be “minimizing the impact of breaches and intrusions,” followed by “securing remote access” and “ensuring business or mission continuity.” Other top priorities are “gaining flexibility to provide security anywhere” and “Improving user experiences.”
“Security across the entire digital attack surface” was the single most important benefit cited by respondents, followed by a “better user experience for remote work (VPN).”
A majority of respondents believe that it is vital for zero-trust security solutions to be integrated with existing infrastructure, work across cloud and on-premises environments, and be secure at the application layer. More than 80% however, indicated that it is challenging to implement a zero-trust strategy across an extended network. For organizations without a strategy in place or development, obstacles included a lack of skilled resources with 35% of organizations using other IT strategies for addressing zero trust.
About the Zero-Trust Report:
The report is based on a global survey of IT decision-makers aimed at better understanding how far along organizations are in their zero-trust journey, and is intended to have a better understanding of the following.
- How well zero trust and ZTNA are understood
- The perceived benefits and challenges in implementing a zero-trust strategy
- Adoption of and the elements included in a zero-thrust strategy
The survey was conducted back in September 2021 with 472 IT and security leaders from 24 different countries, representing nearly all industries, including the public sector. To access the full report, click here.
Emman has been writing technical and feature articles since 2010. Prior to this, he became one of the instructors at Asia Pacific College in 2008, and eventually landed a job as Business Analyst and Technical Writer at Integrated Open Source Solutions for almost 3 years.
