SolarWinds, Colonial Pipeline, HSE. Not a day goes by that we do not open our proverbial newspapers to find headlines regarding the latest cyber breach, each seemingly worse than the one prior. With attackers becoming more sophisticated and breaches becoming more consequential, one thing is clear: current approaches to cybersecurity are not working. What organizations need is a fundamental mindset shift, one that adopts a Zero Trust approach, in order to minimize the impact of these never-ending attacks.
To this end, we took to Twitter to poll our EMEA-based online community on how they manage breaches and think about Zero Trust. While it is safe to assume that almost all organisations will be attacked (or have been already), we should do our best to stop these instances from escalating into catastrophic breaches. Implementing a Zero Trust strategy is part of this process, but adoption in EMEA has historically lagged behind the U.S. That said, we are now starting to see a shift and more global recognition of the benefits of Zero Trust.
To gauge this, we asked the question:
Is Zero Trust a reality at your organisation yet?
While this may show that over half of organizations have yet to put Zero Trust on their radar, this is actually a step forward from where most research indicated last year. That said, around 65% of respondents believe that organizations across EMEA are not taking Zero Trust seriously enough. This is particularly worrisome as a Zero Trust strategy will minimize the impact of a breach and should be a fundamental mindset shift that all organizations work toward for greater cyber resiliency.
Our findings also illustrate a misconception regarding the complexity of implementing Zero Trust or any other security framework. 32.4% of respondents state that their Zero Trust journeys have completely stalled and 31.6% say that it was causing delays.
One of the main reasons for deploying Zero Trust is to mitigate the impact of a breach. While it may not be possible to prevent it completely it is possible to reduce the ‘blast radius’ by stopping it from spreading.
Additionally, we asked whether companies have the tools to stop a breach from spreading. 49.8% responded that they were “not even close”. This is quite surprising, considering that segmentation has existed for over 25 years. However, given the shift in traffic patterns generated by modern applications, traditional methods of segmenting cannot meet new requirements. This is why we are seeing a growth in micro-segmentation to deliver the fine grain control that we now require.
The recent cybersecurity executive order from President Biden’s office tasks federal agencies with implementing a Zero Trust approach to security. While this is aimed at the U.S., it is likely to have an impact in EMEA as well, and serve as the much-needed push toward Zero Trust strategy budget and widespread adoption.
Are you ready to take the first step on your Zero Trust journey? Find out how to get started here.