Cybersecurity In-Depth: Digging into data about the latest attacks, threats, and trends using charts and tables.
Security Teams Struggle to Get Started With Zero Trust
Nearly a third of respondents in a Dark Reading survey on endpoint security strategy say zero trust is too confusing to implement.
Ask about corporate endpoint security strategy and zero trust inevitably comes up in the conversation. Even U.S. President Biden is talking about zero trust. While the growing number of threats to end-user devices and the increasingly distributed computing environment is fueling interest in zero trust, it is also a source of confusion for IT and security decision-makers, according to Dark Reading’s "2022 Endpoint Security Survey."
Vetting and authenticating every access request to enterprise systems, applications, and data – regardless of whether the request originated within or outside the network – is a key part of the zero-trust model, but organizations are facing multiple challenges on their zero-trust journey. Just over a fifth – or 21% of respondents – say they have no idea which product to buy or which vendor to work with. Another 11% say they feel overwhelmed and don't know where to start.
That level of confusion is concerning, considering that interest in zero-trust network access is growing. While 22% identified zero trust as a major area for change in 2021, that figure doubled to 44% in 2022. A little over half of the respondents in the survey (52%) say they have not yet implemented a zero-trust initiative internally but are working on doing so this year.
But if a third of the respondents in the survey are struggling to get started, or even figuring out what they need to do, that means a lot of zero-trust initiatives are going to potentially flounder.
Some of the challenges are expected: Sixty-eight percent say they had to develop new security controls or practices to support zero trust, while 52% say users need training on new policies.
Multiple surveys – not just this one – show that security decision-makers consider zero trust as a top priority, or one of the top priorities, for their organizations. But for many respondents, zero trust is still an uphill climb.
Read more about how enterprises are addressing endpoint security threats in a post-pandemic world.
About the Author
You May Also Like
Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024The Right Way to Use Artificial Intelligence and Machine Learning in Incident Response
Nov 20, 2024Safeguarding GitHub Data to Fuel Web Innovation
Nov 21, 2024The Unreasonable Effectiveness of Inside Out Attack Surface Management
Dec 4, 2024