PlainID study: 50% of Zero Trust programmes risk failure

Share
Historically, a zero trust framework was focused on solving challenges associated with authentication, end point and network access security
PlainID’s survey revealed only 50% consider authorisation in zero trust programmes, with lacking expertise and resources leaving gaps in security systems

A new survey exploring insights into Zero Trust programmes was conducted by PlainID and reveals that, although Chief Information Security Officers (CISOs) are implementing a zero trust framework, only 50% said that authorisation makes up their zero trust programme.

Zero trust approach has been celebrated as potentially offering new ways to protect businesses in a reliable and flexible way. With a shift to remote working having hugely benefited workforces, it has also left greater room for cyber attacks.

Whilst CISOs consider zero trust key to cybersecurity, the PlainID survey states , without “true” zero trust, organisations risk gaps in their security infrastructure.

The importance of authentication in robust cyber security measures

The survey was carried out by Censuswide, on behalf of PlainID, and questioned 200 CISOs and CIOs in April 2023 from companies with more than 500 employees across the UK and USA.

Findings revealed that only 31% of respondents feel as though they currently have sufficient visibility and control over authorisation policies that are intended to enforce appropriate data access.

In addition, 45% of respondents indicated a lack of sufficient technical resources as a challenge in optimising enterprise authorisation and access control, alongside 41% claiming to use OPA-based solutions to authorise identities.

Essentially, organisations may have implemented a form of zero trust but the survey suggests that they do not necessarily have the complete tool set or on-staff expertise and knowledge to have true visibility and control of their network.  

Historically, a zero trust framework was focused on solving challenges associated with authentication, end point and network access security. However, PlainID’s survey highlights that identity related breaches have increased exponentially, with the convergence of identity and access management with traditional security having accelerated the need for new technical capabilities for enterprise authorisation and access controls. 

Zero trust aiming to shift the traditional cybersecurity model

With this in mind, organisations are finding themselves building their own homegrown solutions, which can appear cost effective. 40% of respondents also said they use a homegrown solution to authorise identities. 

However, this leaves gaps within the overall security posture if not developed, deployed, and maintained properly and ultimately results in higher operational costs and enterprise risk over time.

Security must remain fluid and ever-evolving as cyber adversaries will repeatedly re-strategise and evolve to breach organisations. Without the technical staff capable of maintaining infrastructure, the survey highlights that there may be a false layer of confidence that could lead to a betrayal of trust from partners and customers when data is stolen. 

PlainID highlights demands from business stakeholders to keep pace with digital initiatives and the importance of ensuring the highest levels of security and user experience. Only then, will there be a drive to adopt next generation enterprise authorisation solutions. 

As threat actors become increasingly more sophisticated and cyberattacks more frequent, the need for organisations to have robust cybersecurity strategies in place has never been more crucial.

“Zero trust must treat all identities as potential threats. While zero trust boosts higher levels of confidence, it's imperative to pair it with a comprehensive authorisation framework,” said Oren Ohayon Harel, CEO and co-founder of PlainID. 

“Enterprises today need continuous evaluation and validation across all tech stack interaction to mitigate data breach impacts.” 


******

For more insights into the world of Technology - check out the latest edition of Cyber Magazine and be sure to follow us on LinkedIn & Twitter.

Other magazines that may be of interest - AI Magazine | Technology Magazine.

Please also check out our upcoming event - Sustainability LIVE in London on September 6-7 2023.

******

BizClik is a global provider of B2B digital media platforms that cover Executive Communities for CEOs, CFOs, CMOs, Sustainability Leaders, Procurement & Supply Chain Leaders, Technology & AI Leaders, Cyber Leaders, FinTech & InsurTech Leaders as well as covering industries such as Manufacturing, Mining, Energy, EV, Construction, Healthcare + Food & Drink.

BizClik – based in London, Dubai, and New York – offers services such as Content Creation, Advertising & Sponsorship Solutions, Webinars & Events.

Share

Featured Articles

SonicWall and CrowdStrike Unite for SMB Security Service

SonicWall partners with endpoint protection specialist CrowdStrike to offer managed detection and response capabilities through managed service providers

FS-ISAC CISO Talks Cyber Strategies for Financial Providers

FS-ISAC CISO JD Denning explains the cyber strategies financial providers need to adopt in order to stay afloat in the wave of cyber attacks

Darktrace Reports 692% Surge in Black Friday Cyber Scams

AI cybersecurity firm Darktrace reveals increase in brand impersonation attacks targeting retailers, with holiday-themed phishing attacks rising 327%

KnowBe4 Launches AI Agents to Counter Phishing Threats

Technology & AI

Gen Reports 614% Rise in Command Prompt Manipulation Scams

Cyber Security

SAVE THE DATE – Cyber LIVE London 2025

Cyber Security