Company culture and employee behaviour are both a motivator behind starting on a ‘Zero Trust journey’ and a barrier, according to a survey by a network analytics product firm.
Shadow IT and employee education were cited as top challenges facing respondents in an online survey in July, signalling that businesses may look to adopt a Zero Trust architecture (briefly, moving your cyber perimeter from the edge of the network to assets within that network) to minimise the risk of the insider threat. Most survey respondents (89pc) had a high overall awareness of Zero Trust, with 67pc adopting or planning to adopt the framework, typically for risk or data protection reasons.
Conversely, 65 per cent of respondents who decided not to adopt the framework cited wrong company culture as the top reason behind this decision and getting employees on board (28pc) was named the most important thing to have in place before starting work towards Zero Trust.
Comment
Bassam Khan, VP Product and Technical Marketing Engineering at Silicon Valley-based Gigamon, said: “This research dives into issues that IT and security professionals face, the causes of these issues and frameworks IT is adopting, following a major global shift in how work gets done. With rapid changes and an ever-growing attack surface, IT and security teams are beginning to rely on a solid framework to better manage risks.
“The fact Zero Trust had both high awareness and high adoption as an initiative demonstrates its increasing prominence in the industry. We can see that perceptions of Zero Trust have considerably changed, as 86pc of those surveyed said that Zero Trust had/could have helped their business as it deals with the impacts of the current global situation. What’s more, 78pc of the companies surveyed agreed it would have a positive effect on security without compromising productivity, showing its viability in today’s digital infrastructure.”
The report also looked at whether Zero Trust was a board level issue; three in ten of respondents (30pc) agreed that Zero Trust should ‘absolutely be discussed at board level’; for about one in four, 24pc it should ‘be a priority at any boardroom table given the current climate’.
Khan added: “With digital strategies pivoting to accommodate the economic uncertainty and unprecedented change caused by the new normal, security is only going to become a more prominent topic at the C-level. It’s interesting to see that elements of the Zero Trust journey are already being discussed, and hopefully this will continue, as board support is vital for the implementation and success of any Zero Trust initiative.”
