Fortinet, a Sunnyvale, California-based cybersecurity company, has unveiled a survey reporting that while most organizations have a vision of Zero Trust, or are in the process of implementing Zero Trust initiatives, more than half of organizations cannot translate this vision into practical solutions. According to Fortinet’s “Global State of Zero Trust Report,” those organizations are lacking basic core fundamentals of Zero Trust.
“With the evolving threat landscape, transition to work-from-anywhere, and the need to securely manage applications in the cloud, the shift from implicit trust to Zero Trust is top of mind for organizations,” said John Maddison, EVP of Products and CMO at Fortinet. “Our survey shows while most organizations have some form of a Zero Trust strategy in place, they fall short of a holistic strategy and struggle to implement some core Zero Trust security basics. An effective solution requires a cybersecurity mesh platform approach to address all Zero Trust fundamentals across the infrastructure, including endpoint, cloud, and on-premises, otherwise the result is a partial, non-integrated solution that lacks broad visibility.”
A FortiGuard Labs Threat Landscape Report demonstrated an increase in the volume and sophistication of attacks targeting individuals, organizations, and increasingly critical infrastructure. Organizations are looking for solutions to protect against these evolving threats and Zero Trust is top of mind, but for multiple reasons. Additionally, the shift to work-from-anywhere has put a spotlight on Zero Trust Network Access (ZTNA) in particular, as organizations need to protect important assets from workers connecting from poorly protected home networks.
The report illustrates some confusion about what comprises a complete Zero Trust strategy. Respondents indicated they understand Zero Trust (77%) and ZTNA (75%) concepts and over 80% reported already having a Zero Trust and/or ZTNA strategy in place or development. Yet over 50% indicated being unable to implement core Zero Trust capabilities. Nearly 60% indicated they do not have the ability to authenticate users and devices on an ongoing basis and 54% struggle to monitor users, post-authentication.
The Zero-Trust Report is based on a global survey conducted in September 2021 with 472 IT and security leaders from 24 different countries, representing nearly all industries, including the public sector.
The data underscore channel opportunities in helping customers to understand, and get the most out of, Zero Trust.