Okta: Embrace of zero trust surging amid growing cybersecurity concerns
An annual survey by Okta Inc. finds that the embrace of zero-trust security is surging amid growing concern about cybersecurity challenges among enterprises.
Okta’s State of Zero Trust Security 2022 report released today, based on a survey of 700 security leaders, found that nearly all organizations surveyed have either already started a zero-trust initiative or have definitive plans to start one in the coming months. Further, organizations are being pressured to make progress quickly, particularly after the U.S. government has mandated, by executive order, the development of zero-trust architecture across governmental agencies.
Noting that zero-trust initiatives have come astonishingly far in one year, the survey found that 55% of respondents now have a zero-trust initiative in place and 42% are planning to implement zero trust in the near future. The embrace compares with 24% having zero-trust initiatives in place in 2021, with 65% planning to implement one in the following 12 to 18 months.
Among those surveyed, the link between security and usability was noted to be closer than ever. Driving this embrace has been the switch to remote work driven by the COVID-19 pandemic, resulting in many organizations accruing security debt — that is, not investing enough in such initiatives — and learning where their vulnerabilities lie.
The same organizations have also realized that security doesn’t have to come at the cost of usability thanks to the increasingly widespread adoption of passwordless authentication. Passwordless access is a priority globally over the next 12 to 18 months. Nearly a quarter of financial services respondents said they plan to move forward with passwordless security soon or have already done so, with 27% in healthcare and 18% in software development expecting to do likewise.
Zero trust has been at the forefront of the rapidly changing security environment, with 80% of respondents deeming identity important to their zero trust strategies. Nearly one in five respondents said they had taken this a step further, declaring identity to be business-critical.
Identity was singled out as a critical contributor to zero trust among virtually all of organizations surveyed. The number was similar across senior leadership, including chief information security officers and c-suite executives, with 98% recognizing the integral role of identity in a robust zero-trust approach.
Identity was also identified as a key focus within the healthcare and financial services sector. In the healthcare sector, the last holdouts are now committing to new initiatives in the future. In 2021, 37% of organizations in the sector had started implementing zero-trust initiatives, which has now increased to 58% in 2022.
The survey also found that 96% of those in healthcare have at least one initiative planned within the next 12 to 18 months, and for the vast majority, those initiatives will involve identity. Virtually all pointed to identity as central to their zero-trust strategies, some 72% describing it as important and 27% as business critical.
In financial services, the figures were similar. Three-quarters of companies in the sector said they aim to extend single sign-on and multifactor authentication to servers, databases and application programming interfaces within 18 months. Four in five said they had already extended SSO to employees, but only 37% have implemented MFA to users outside their organizations.
The uptake varied by region as well. Organizations in Asia, the Pacific, Europe and the Middle East were more likely to embrace zero trust and to have implemented automation and access management. In EMEA, the figure was 97% having already done so or planning to, compared with 70% for North America.
A message from John Furrier, co-founder of SiliconANGLE:
Your vote of support is important to us and it helps us keep the content FREE.
One click below supports our mission to provide free, deep, and relevant content.
Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.