A recent survey conducted by Entrust has revealed that the primary driving force behind the implementation of zero trust strategies globally is the fear of cyber breaches. The survey, titled the 2024 State of Zero Trust & Encryption Study, gathered responses from over 4,000 IT security practitioners around the world.
Traditionally, organizations have invested in security measures primarily to comply with regulations. However, the survey showed a shift in priorities, with 41% of respondents now indicating that their main reason for investing in security is to mitigate the risks of data breaches and other security incidents. This change in attitude reflects the increasing threat landscape, which includes costly breaches, AI-generated deepfakes, synthetic identity fraud, ransomware attacks, and cyber warfare.
Samantha Mabey, Director of Solutions Marketing at Entrust, emphasized the urgency of implementing zero trust security practices in light of these escalating threats. She highlighted the critical role that such practices play in safeguarding organizations’ and their customers’ data, networks, and identities.
One of the key challenges cited by organizations in adopting zero trust strategies is the concern over cyber risks. Two-thirds of organizations identified cyber breach risks as the most significant driver for implementing these strategies. In the United States, this concern is even more pronounced, with 50% of organizations citing cyber breach risks and 29% highlighting the expanding attack surface as key drivers.
Despite a reported 60% of organizations receiving significant support from senior leadership for zero trust initiatives, there are still obstacles to implementation. A lack of skills and budget constraints were cited as the major roadblocks, underscoring a disconnect between support and resource allocation.
While a majority of organizations (62%) have already embarked on their zero trust journey, the adoption rate among US organizations stands at 48%. This discrepancy raises concerns about the readiness of Western entities to address cybersecurity threats effectively.
Among the top security concerns identified by respondents, the exposure of sensitive or confidential data by hackers ranked highest, followed by system or process malfunctions and unmanaged certificates. Interestingly, employee mistakes, which had been a consistent top security threat in previous years, did not feature prominently in this year’s survey results.
The survey also highlighted challenges related to credential management, with 50% of respondents citing a shortage of skilled personnel, 47% pointing to a lack of clear ownership, and 46% identifying inadequate staffing as primary obstacles.
In conclusion, the survey findings underscore the growing recognition of the importance of implementing zero trust strategies to address evolving cybersecurity threats. As organizations grapple with the complex and dynamic threat landscape, prioritizing security investments to mitigate the risks of cyber breaches has become a pressing business imperative. The need for skilled personnel, clear ownership, and adequate staffing in implementing these strategies remains crucial to bolstering organizations’ defenses against cyber threats.