Forrester Consulting and iboss: Organizations are Turning to Zero Trust Network Architecture to Prevent Security Incidents
September 2022 by Forrester Consulting commissioned by iboss
iboss announced that a new study from Forrester which surveyed business leaders from companies who have implemented or are planning to implement Zero Trust has found that of those companies interested in Zero Trust, nearly three-quarters are in the planning/implementation phase. Amid record numbers of successful cyberattacks, organizations are increasingly recognizing the benefits of Zero Trust for improved security, but many survey respondents say they struggle to effectively implement it into their existing IT network architecture.
The new study, conducted by Forrester Consulting and commissioned by iboss, reflects widespread concern about various security issues facing organizations. 77% of respondents – all of whom work in IT and are involved in network security strategy decisions – said that an increased number of data breaches is the most significant challenge facing their organization. Meanwhile, 84% said one of their top security priorities over the next year is preventing outsider cybersecurity threats. Additionally, 63% said that stemming a rising tide of security/ransomware incidents is motivating their organization’s move to Zero Trust.
To combat cyber threats, organizations are moving quickly to implement Zero Trust security. In fact, our study interviewed companies interested in Zero Trust and 75% of those organizations said they have implemented or plan to implement Zero Trust edge/secure access service edge in the next year. Two-thirds (66%) say this is a top strategic security priority over the next 12 months. However, despite these figures, the survey also suggests companies face several key hurdles in implementing Zero Trust, including working across cloud and on-prem environments, a lack of security skills and resources and difficulty authenticating employees in hybrid and remote work environments.
"IT decision-makers today face several challenges, but some of the biggest are the increasing numbers of data breaches and hacks," said Paul Martini, CEO and co-founder of cloud cybersecurity company iboss. "Modern security should be focused on protecting an organization’s data and resources, regardless of where an employee is accessing that information from. That’s the reason why the U.S. government has turned to Zero Trust security for federal agencies and that’s why forward-thinking organizations are increasingly implementing it as well."
Additional key findings of the study include:
Respondents are not only concerned with external threats. In fact, 74% said protecting their network from insider threats is a top security priority over the next year.
Every respondent said there would be some consequences for not adopting Zero Trust.
66% said it would lead to an increase in data breaches.
61% said it would lead to ransomware and security incidents.
57% are concerned about potential financial penalties due to failed compliance.
50% said not adopting Zero Trust would damage their brand’s reputation.
63% said their organization struggles to understand how to operationalize Zero Trust into their existing network architecture.
The biggest challenges that have impacted organizations’ ability to implement Zero Trust include:
Working across cloud and on-premises environments (59%)
Lack of security skills and resources (56%)
Difficulty authenticating employees in hybrid or remote work environments (50%)
In addition to security concerns, 65% find connectivity and performance issues related to VPNs challenging and 60% are challenged by protecting a remote workforce.
Respondents recognized that there are several benefits to implementing a single security service edge to support a Zero Trust architecture strategy:
68% said that it would help accelerate digital transformation initiatives
61% said it would improve breach detection and vulnerability management
54% said it would lower capital and operational expenditures on security
The study surveyed United States and United Kingdom-based IT network security strategy decision-makers. 58% say they work for an organization that employs 1000-4999 employees. 100% said they work for an organization that employs more than 1,000 people and Respondents are the final decision makers, are a part of a decisioning team, or influence decisions related to their organization’s network security strategy.
iboss’ Zero Trust platform is a purpose-built, patented, cloud delivered security platform and has more than 100 points of presence globally. A Zero Trust Architecture built on iboss consolidates network security technologies (SWG, CASB, DLP, IPS, malware defense, browser isolation, firewall) into a single unified cloud platform and eliminates the need for a VPN while securing any device, regardless of location. With applications, data and services made accessible only through the iboss Zero Trust Edge, cyber risk is greatly reduced, breaches and data loss are prevented, and visibility and security are delivered consistently throughout an organization.