CDSA

A new report from cybersecurity firm Fortinet finds that while many organisations worldwide are implementing zero trust strategies, nearly half of respondents report significant challenges related to a lack of integration between zero trust solutions deployed on-premises and in the cloud.

The findings from the global 2023 “State of Zero Trust” report provide an overview of the current state of zero-trust security efforts and the progress IT teams have made following the pandemic-initiated need to secure remote workers. The report also delves into the continuing challenges many organisations face in securing a hybrid workforce.

Key findings from the “State of Zero Trust” report include:

• Organisations of all sizes are working to implement zero-trust strategies. Since the last survey in 2021, companies have deployed more solutions as part of their zero-trust strategies. The number of respondents that report being in the process of implementation is 66 percent, up from 54 percent in 2021. Companies are working to enable zero trust everywhere to minimise the impacts of a breach.

• Organisations continue to face challenges in implementing their zero-trust strategies. Although companies are moving forward, they still face challenges. Nearly half of respondents (48 percent) indicated that a lack of integration between the zero-trust solutions deployed on-premises and in the cloud is the most significant issue they need to address. Other reported challenges relate to end-to-end policy enforcement, application latency, and a lack of reliable information to help select and design a zero-trust solution.

• Solutions must cover both on-premises and remote users with a consistent application access policy and success has been mixed. Many companies need to secure access to applications both on-premises and outside of the network, and nearly 40 percent of respondents report still hosting more than half of their applications on-premises. It’s notable that 75 percent also have encountered issues because of relying on cloud-only ZTNA.

The consolidation of vendors and solution interoperability is crucial. Deploying solutions from multiple vendors has led to challenges such as the introduction of new security gaps and high operations costs. Larger companies are looking to consolidate solutions to simplify operations and reduce overhead.

• SASE is a priority. The top priorities for SASE solutions vary, but “security effectiveness” is the most significant, with 58 percent placing it in their top three priorities. According to 89 percent of respondents, SASE integration with their on-premises solutions is also very or extremely important.

• Despite claims that everything is moving to the cloud, most organisations still have a hybrid application and data strategy in place. ZTNA needs to work no matter where applications and users are located, and respondents indicated that the top areas that a hybrid ZTNA strategy must cover include web applications (81 percent), on-premises users (76 percent), remote users (72 percent), on-premises applications (64 percent), and SaaS applications (51 percent).

“The Fortinet 2023 State of Zero Trust Report shows that although more organisations are implementing a zero-trust strategy, they still face challenges related to integration,” said John Maddison, EVP of products and CMO at Fortinet. “To successfully implement zero trust, organisations need solutions that are designed to converge networking and security and have the ability to span multiple environments, such as Fortinet Universal ZTNA and Universal SASE.”

The survey was conducted from March 30-April 2 with 570 IT and security leaders from 31 different countries, representing nearly all industries, including the public sector.

To download the full report, click here.