IT Brief Australia - Technology news for CIOs & IT decision-makers
Story image
Operating models increasingly complex, difficult to secure - BeyondTrust
Thu, 27th Apr 2023

BeyondTrust has announced the release of a new global survey, Identity Issues Impact Zero Trust Effectiveness. The survey's research focused on understanding current identity and zero trust trends, adoption rates, incidents, solutions, challenges, and new areas of focus.

The research also investigated the integration requirements and techniques for zero trust solutions and how they interact with other key business applications and systems.

The report reviewed key findings from a research survey interviewing more than 300 participants across five continents and included security teams, IT professionals, and executives.

Morey Haber, Chief Security Officer at BeyondTrust, comments, "Today's business operating models are highly complex, with remote employees accessing critical systems using dozens, and even hundreds of applications.

"Data is transmitted between clouds and corporate data centres, with third-party contractors and supply chain partners, suppliers, and shippers directly connecting to these corporate systems. Legacy security architectures and network defences are less effective at managing this extended perimeter.

"Zero trust principles and architectures are being adopted by public and private sectors because they have become one of the most effective approaches to mitigating the heightened risks to highly sensitive identities, assets, and resources."

The research found that almost all respondents had an identity-related incident in the last eighteen months, with 81% indicating two or more incidents. A significant number of these incidents were related to privileged accounts. More than 70% of companies are still in the process of implementing a zero trust approach needed to secure an expanding security perimeter due to increased cloud utilisation and remote workers.

Nearly all companies indicated they were using multiple vendors and solutions for their zero trust strategy, with most using four or more solutions. Of the companies interviewed, 70% rely on custom coding for integration, often provided by costly third-party services. 84% needed several different integration approaches for their zero trust defence, complicating the deployment process.

Integration has become a critical issue for many companies, as more than 70% of those surveyed removed a security solution simply because it didnt integrate effectively. Those surveyed reported that gaps in their zero trust approach resulted in slower issue resolution, poorer user experiences, incorrect access privileges, manual intervention, compliance issues, and more.

Essentially every company indicated a zero trust approach needs to integrate with numerous other business and collaboration applications to ease the burden of integration processes. Integration challenges have led the majority to make native integration a key selection criterion for zero trust solutions.

Better integration not only saves resources, but time as well, with more than 9 out of 10 companies indicating an integrated ecosystem creates a faster response to security issues and improved compliance. 

Identity-related findings:

  • 93% report identity issues stemming from integration problems
  • 81% report 2 or more identity issues over the last 18 months
  • 63% report identity issues were directly related to privileged users and credentials, and 5% arent sure

Zero trust-related findings:

  • 76% of organisations are still in the process of implementing a zero trust approach to secure their environment
  • 96% of companies use multiple solutions for their zero trust approach, with 56% using 4 or more

Integration-related findings:

  • 70% of companies must rely on vendor custom code for their zero trust solution integration
  • 84% of companies have multiple integration approaches to make their zero trust strategy operational
  • 99% of companies indicate zero trust solutions need to integrate with numerous other applications
  • 94% report that easy integration is very important or important, with no participants indicating it was not important
  • 78% indicate native integration is a key selection criterion for zero trust solutions zero trust