The State of Zero Trust Report - Free Download
The increase in breaches and ransomware is in the news constantly, and as intrusions continue to rise, organizations are looking for solutions. Although zero trust is included as part of a comprehensive cybersecurity strategy, the top priorities vary.
The zero-trust network security model has become a pervasive topic for IT professionals. Many organizations have a vision of what they want or need in terms of zero-trust and zero-trust network access (ZTNA), but the completeness of their vision isn’t necessarily being translated into the solutions they’re able to put in place.
Most organizations claim to either have a zero-trust access (ZTA) or ZTNA strategy either in place or in active deployment. However, most also report that they cannot consistently authenticate users or devices and struggle to monitor users after authentication. Additionally, many organizations also report that implementing zero trust across an extended network is difficult. Because these are generally considered to be fundamental zero-trust functions, it appears that many organizations either misunderstand zero trust or that their solutions are being incompletely deployed.
The State of Zero Trust
The zero-trust network security model isn’t new. Data breaches are on the rise, and as organizations move more of their business functions to the cloud, attacks on web applications now represent 39% of all breaches.
Most people involved in cybersecurity agree that the concepts behind the zero-trust security model make sense. Instead of assuming anyone or anything that has gained access to the network can be trusted, a zero-trust mindset assumes the opposite. Nothing can be trusted anywhere, whether outside or inside the network perimeter.
The shift from implicit trust to zero trust is a response to the rising incidents and costs of cyber crime. The global average cost of a data breach is now $4.24M, and the top three initial attack vectors are compromised credentials (20%), phishing (17%), and cloud misconfiguration (15%). A robust implementation of zero-trust solutions can reduce the likelihood of attack using tools such as multi-factor authentication and mitigate the effects of a breach through techniques like microsegmentation.
Zero Trust Access
It’s no longer safe to assume that just because a device is connected to the network, it should have access to everything. Fortinet Zero Trust Access continually verifies who and what is using your resources. IoT and endpoint devices are identified and secured, while IT teams gain full visibility into and control over what’s connected to your network.
Universal Zero Trust Network Access (ZTNA)
ZTNA is a capability within Zero Trust Access (ZTA) that controls access to applications. It extends the principles of ZTA to verify users and devices before every application session. ZTNA confirms that they meet the organization’s policy to access that application.
Disconnect Between Implementation and Gaps
One striking statistic was that most survey respondents reported that they already have a zero-trust and/or ZTNA strategy in place or development, with over one-third saying they are fully implemented. Only 6% haven’t started implementation yet.
Although organizations report they are working on implementing zero trust, given the reported gaps in implementation, these efforts aren’t as seamless or easy as some vendors might make it sound.
A proper zero-trust solution is all about knowing exactly who and what is on the network at any given moment and that authenticated users and devices are only provided with the minimum level of access for them to do their job. So, when organizations report that they aren’t able to authenticate users and devices on an ongoing basis and struggle to monitor users for authentication, zero trust isn’t doing its job.