New Illumio Report Reveals Zero Trust Is Critically Important to Enterprises but Vastly Underutilized
Findings underscore the important role Zero Trust plays in an organization’s overall cybersecurity posture
Sunnyvale, CA — August 13, 2020 — Illumio, the leading provider of end-to-end segmentation, today released new findings that explore the role Zero Trust plays in solidifying a robust cybersecurity defense strategy, as well as where companies are in their journey to achieve Zero Trust.
The report demonstrates that although most IT and security professionals think of Zero Trust as an important part of their cybersecurity approach, many still have a long way to go in implementing their plan. Especially as users continue to move off of campus networks and onto a distributed work-from-home model and face new and expanding threat vectors, organizations must quickly adopt the Zero Trust security mindset of “never trust, always verify” to mitigate the spread of breaches by limiting access and preventing lateral movement.
Notably, 49 percent, effectively half, of the participants surveyed find Zero Trust to be critical to their organizational security model. Only 2 percent of business leaders believe Zero Trust is nonessential for their enterprise security posture.
“Zero Trust is mission critical to any cybersecurity strategy. Adversaries don’t stop at the point of breach - they move through environments to reach their intended target or access your crown jewels,” said Matthew Glenn, senior vice president of product management at Illumio. “In today’s world, stopping the lateral movement of attackers has become fundamental to a defender’s job. What’s more, as employees continue to work remotely at scale, it is essential to extend Zero Trust to the endpoint to further reduce the attack surface and secure the enterprise.”
Zero Trust Adoption Is Just Beginning
While organizations clearly value Zero Trust as a necessary part of their cybersecurity strategy, widespread adoption is lacking. Of the respondents who find Zero Trust to be extremely or very important to their security posture, only 19 percent have fully implemented or widely implemented their Zero Trust plan. Over a quarter of these leaders have begun their Zero Trust planning or deployment process. In short, all but 9 percent of the organizations surveyed are in some way working toward achieving Zero Trust.
Technologies Bolstering the Zero Trust Journey
No single product or solution enables organizations to achieve Zero Trust alone, so Illumio asked companies which technologies they have implemented on their journey to achieve Zero Trust. Not surprisingly, solutions with a lower barrier to entry, like multi-factor authentication (MFA) and single sign-on (SSO), are more widely adopted. Still, 32 percent of respondents have adopted campus-wide segmentation, another 30 percent have incorporated software-defined perimeter (SDP) technologies, and 26 percent are leveraging micro-segmentation, a key Zero Trust technology for preventing the lateral movement of attackers.
What’s Next for Zero Trust?
In the intermediate term, beyond six months, most respondents plan to implement micro-segmentation and SDP, which will pave the way for Zero Trust adoption at scale. In fact, 51 percent of respondents plan to deploy micro-segmentation as one of their primary Zero Trust controls, given its effectiveness and importance in preventing high-profile breaches by stopping lateral movement. Lastly, over the next six months, 23 percent of organizations plan to implement MFA and 18 percent plan to deploy SSO.
In collaboration with Virtual Intelligence Briefing (ViB), an interactive online community focused on emerging through rapid growth stage technologies, Illumio surveyed 461 IT and security professionals from a cross-section of mid- to large-sized companies, with 57 percent from companies with over 1,500 employees.
To download a copy of the report, visit https://www.illumio.com/resource-center/research-report/zero-trust-report
Illumio enables organizations to realize a future without high-profile breaches by preventing the lateral movement of attackers across any organization. Founded on the principle of least privilege in 2013, Illumio provides visibility and segmentation for endpoints, data centers or clouds. The world’s leading organizations, including Morgan Stanley, BNP Paribas, Salesforce, and Oracle NetSuite, trust Illumio to reduce cyber risk. For more information, visit https://www.illumio.com/what-we-do and engage us on LinkedIn and Twitter.