PlainID study: 50% of Zero Trust programmes risk failure

A new survey exploring insights into Zero Trust programmes was conducted by PlainID and reveals that, although Chief Information Security Officers (CISOs) are implementing a zero trust framework, only 50% said that authorisation makes up their zero trust programme.

Zero trust approach has been celebrated as potentially offering new ways to protect businesses in a reliable and flexible way. With a shift to remote working having hugely benefited workforces, it has also left greater room for cyber attacks.

Whilst CISOs consider zero trust key to cybersecurity, the PlainID survey states , without “true” zero trust, organisations risk gaps in their security infrastructure.

The importance of authentication in robust cyber security measures

The survey was carried out by Censuswide, on behalf of PlainID, and questioned 200 CISOs and CIOs in April 2023 from companies with more than 500 employees across the UK and USA.

Findings revealed that only 31% of respondents feel as though they currently have sufficient visibility and control over authorisation policies that are intended to enforce appropriate data access.

In addition, 45% of respondents indicated a lack of sufficient technical resources as a challenge in optimising enterprise authorisation and access control, alongside 41% claiming to use OPA-based solutions to authorise identities.

Essentially, organisations may have implemented a form of zero trust but the survey suggests that they do not necessarily have the complete tool set or on-staff expertise and knowledge to have true visibility and control of their network.  

Historically, a zero trust framework was focused on solving challenges associated with authentication, end point and network access security. However, PlainID’s survey highlights that identity related breaches have increased exponentially, with the convergence of identity and access management with traditional security having accelerated the need for new technical capabilities for enterprise authorisation and access controls. 

Zero trust aiming to shift the traditional cybersecurity model

With this in mind, organisations are finding themselves building their own homegrown solutions, which can appear cost effective. 40% of respondents also said they use a homegrown solution to authorise identities. 

However, this leaves gaps within the overall security posture if not developed, deployed, and maintained properly and ultimately results in higher operational costs and enterprise risk over time.

Security must remain fluid and ever-evolving as cyber adversaries will repeatedly re-strategise and evolve to breach organisations. Without the technical staff capable of maintaining infrastructure, the survey highlights that there may be a false layer of confidence that could lead to a betrayal of trust from partners and customers when data is stolen. 

PlainID highlights demands from business stakeholders to keep pace with digital initiatives and the importance of ensuring the highest levels of security and user experience. Only then, will there be a drive to adopt next generation enterprise authorisation solutions. 

As threat actors become increasingly more sophisticated and cyberattacks more frequent, the need for organisations to have robust cybersecurity strategies in place has never been more crucial.

“Zero trust must treat all identities as potential threats. While zero trust boosts higher levels of confidence, it's imperative to pair it with a comprehensive authorisation framework,” said Oren Ohayon Harel, CEO and co-founder of PlainID. 

“Enterprises today need continuous evaluation and validation across all tech stack interaction to mitigate data breach impacts.” 

******

For more insights into the world of Technology - check out the latest edition of Cyber Magazine and be sure to follow us on LinkedIn & Twitter.

Other magazines that may be of interest - AI Magazine | Technology Magazine.

Please also check out our upcoming event - Sustainability LIVE in London on September 6-7 2023.

******

BizClik is a global provider of B2B digital media platforms that cover Executive Communities for CEOs, CFOs, CMOs, Sustainability Leaders, Procurement & Supply Chain Leaders, Technology & AI Leaders, Cyber Leaders, FinTech & InsurTech Leaders as well as covering industries such as Manufacturing, Mining, Energy, EV, Construction, Healthcare + Food & Drink.

BizClik – based in London, Dubai, and New York – offers services such as Content Creation, Advertising & Sponsorship Solutions, Webinars & Events.