Survey shows entities face gaps in zero trust

A SURVEY conducted by Fortinet, a global leader in broad cybersecurity solutions, showed more than half of organizations face gaps in their zero-trust implementation.

In its Global State of Zero Trust Report, it revealed that more than half of organizations cannot translate zero-trust vision into the solutions they are implementing because they lack some basic core fundamentals of zero trust. Organizations also struggle to consistently authenticate users and devices.

Zero-trust security is the process of eliminating points of vulnerability by limiting network access for users and adopting extensive identity verification, resulting in enhanced data protection, reduced complexity and lessened labor cost.

"With the evolving threat landscape, transition to work from anywhere and the need to securely manage applications in the cloud, the shift from implicit trust to zero trust is top of mind for organizations," John Maddison, executive vice president at Fortinet, said.

The survey showed that while most organizations have some form of zero-trust strategy in place, they fall short of a holistic strategy and struggle to implement some core zero-trust security basics.

"An effective solution requires a cybersecurity mesh platform approach to address all zero-trust fundamentals across the infrastructure, including endpoint, cloud and on-premises, otherwise the result is a partial, non-integrated solution that lacks broad visibility," Maddison said.

The report illustrates some confusion about what comprises a complete zero-trust strategy.

Respondents indicated they understand zero trust (ZT) (77 percent) and ZT Network Access (ZTNA) (75 percent) concepts and over 80 percent reported already having a ZT and/or ZTNA strategy in place or development.

Yet, over 50 percent indicated being unable to implement core zero-trust capabilities. Nearly 60 percent indicated they do not have the ability to authenticate users and devices on an ongoing basis and 54 percent struggle to monitor users post-authentication, the survey showed.

This gap is concerning because these functions are critical tenets of zero trust and it brings into question what the actual reality of these implementations is across organizations, the survey said.

Source: TheManila Times