sb-as logo
Story image

Zero trust security gaining momentum as a cybersecurity model

20 Mar 2020

As cyber attacks become more sophisticated and take advantage of advancing technology as much as any legitimate business, security attitudes and protocols have had to adapt in response, and some security professionals believe a tougher approach is best.

The uptake in zero trust security solutions reflects this, and a report released today from TeleGeography reveals a rising interest among chief information security officers (CISOs) in the model.

Zero trust security is an IT security model where, by default, no user or device is trusted inside or outside of the network. 

The model is centred on the belief that organisations should not automatically trust anything inside or outside its perimeters and instead must verify anything trying to connect to its systems before granting access, according to CSO.

According to the survey from TeleGeography, interest in zero trust security remains high among WAN managers, while only 8% have actually implemented the IT security model.

The survey collected around 100 responses from companies ranging in size from SMEs to Fortune 500 enterprises, according to TeleGeography.

31% of respondents are considering zero trust security, 19% are in the adoption phase and 20% of respondents unfamiliar with the concept.

“Zero trust security is making the move from buzzword to serious consideration,” says TeleGeography analyst Elizabeth Thorne.

“WAN Managers recognize the opportunity in going beyond legacy models and exploring the potential of zero trust security in their organizations. 

“The challenge for chief information officers (CIOs) is to understand the foundations necessary to make zero trust security a viable security solution. 

“For example, in order to have user or device-based security policies, you first need to identify every user and device on your network—no small task for many enterprises,” says Thorne.

“Regardless, any time a new architecture is proposed there will be hesitation and a period of assessment before adoption ramps up.”    

The report also reveals that less than 20% of enterprises have fully or mostly integrated network and security teams. 

More than 40% have separate teams but work closely together on things like SD-WAN or hybrid network adoption. 15% have largely siloed networking and security operations, according to the research.

“Enterprises are re-evaluating where security responsibilities sit within their IT operations,” says TeleGeography senior manager of enterprise research Greg Bryan.

“They are looking at greater integration between security and networking teams that will reduce risk while accelerating the adoption of networking technologies like SD-WAN. 

“WAN Managers recognize the need for stronger relationships between these teams and we anticipate fully or mostly integrated teams growing over time,” says Brian.

Story image
Kaspersky discovers COVID-19 research related cyber threats
Kaspersky researchers have identified two APT incidents that targeted entities related to COVID-19 research - a Ministry of Health body and a pharmaceutical company. More
Story image
Malware variants becoming increasingly prevalent, sophisticated and evolved
"The modern threat landscape and ongoing evolution of malware are loud factors pushing every business to understand and identify modern malware threats and the necessary precautions to take to protect against them."More
Story image
Cybercriminals leverage AI to sustain attacks on enterprises
What is less discussed is how cybercriminals are taking advantage of those very same technologies to automate their attacks, too.More
Story image
Microsoft top targeted brand by cyber criminals in Q4 2020
In Q4, 43% of all brand phishing attempts related to Microsoft (up from 19% in Q3), as threat actors continued to try to capitalise on people working remotely during the COVID-19 pandemic’s second wave. More
Story image
Hornetsecurity acquires Altaro, the latest in acquisition spree
The move is a culmination of a medley of acquisitions made by Hornetsecurity recently, following the January 2019 acquisition of Spamina, a Spanish cloud email security company, as well as EveryCloud, its British market partner, in early 2020.More
Story image
Alibaba Cloud and LGMS tackle hybrid and multi-cloud security
Alibaba Cloud and LGMS, a cybersecurity consulting company, are teaming up to tackle the challenge of security around digital transformation and hybrid cloud.More