Rapid digital transformation, increased remote work, and evolving cybersecurity threats have catapulted Zero Trust from an IT buzzword to a foundational cybersecurity model. Zero Trust assumes no inherent trust for any entity (users, devices, applications, etc.) within an organization’s network, requiring strict identity verification for every access request, regardless of its origin, to minimize potential security risks.
The 2023 report “The Path to Zero Trust: Industry Insights and Best Practices” made possible through a comprehensive survey of 423 IT and cybersecurity professionals, aims to explore and reveal the adoption trends, challenges, and current state of Zero Trust.
Key findings include:
• A significant percentage of organizations (65%) are prioritizing the modernization of their Zero Trust framework, particularly user authentication with phishing-resistant MFA.
• According to 41% of respondents, the most significant accelerating factor for Zero Trust implementation is enhancing user authentication & access controls.
• The top priority at 62% is moving away from passwords and legacy MFA to modern, phishing-resistant MFA. Organizations are also prioritizing identity and access management (IAM) (52%) and focusing on secure cloud application access (50%).
• Organizations are adopting a multi-product approach to implement Zero Trust, with 50% of respondents using between 2 and 4 products.
• Despite the surge in interest, the actual implementation of Zero Trust is still a work in progress, with only 18% of organizations already having Zero Trust access in operation while 31% have Zero Trust implementation projects underway.
We want to extend our sincere gratitude to Yubico for supporting this important research. As organizations continue to navigate the complexities of the cybersecurity landscape, we hope this report serves as a valuable resource in your journey towards Zero Trust. The insights, best practices, and data-driven perspectives provided in this report will help inform your strategies, investments, and implementations of Zero Trust security.