Zero Trust ! Shaping to be need of an hour
Over half of global organizations have suffered a data breach during the COVID-19 crisis, with even more arguing that they need to shift to a zero-trust model to bolster security.
A new report commissioned by Cloudflare and set to be officially releasing this week focuses mainly on Zero Trust Strategy.
Based on a poll of over 300 global security decision makers at mid and large-sized businesses, it highlights how revenue and planning (64%), customer engagement (53%) and the shift to distributed working (52%) have had the biggest impact so far in 2020.
Despite the majority of respondents claiming to have invested in new devices for work from home (WFH) employees, updated security policies and adopted new security tools for remote workers, over half (58%) still suffered a data breach. A third (33%) were hit by infrastructure outages, with a similar number (29%) struck by ransomware.
Many security bosses admit that VPNs are a major bottleneck, leading to slow connections (46%). Most (54%) say they’ve struggled to maintain these during the shift to WFH. At the same time they’re concerned over staffing shortfalls (80%), apps and data exposed to the public internet (76%) and little management over end user devices (64%).
They admit that legacy network security tools are no longer effective (64%) but have been overwhelmed by rapid migration to the cloud (80%).
The answer for many is a zero-trust approach predicated on the notion of “never trust always verify” and supported by technologies such as multi-factor authentication, network segmentation and endpoint security.
Over three-quarters (76%) of respondents want to move to this model, and even more (81%) say their organization is committed to migrating to this approach in time. However, similar numbers (75%) say they’re struggling to do so due to the complexities of user access at their organization.
The report chimes from earlier this year which revealed that global firms struggled with the shift to mass remote working due to a lack of visibility into endpoints and challenges around patching.
Although 85% said they felt ready for the shift to remote working, 98% admitted they were caught off guard by security challenges in the first two months, with overwhelmed VPNs (22%) frequently cited as a problem.