Zscaler Finds IT Leaders Lack Confidence in Cyber Plans
Zscaler, a cloud security company that provides zero-trust architecture solutions, reports that technology leaders lack preparedness for cyber attacks, despite claiming confidence in their security infrastructure.
In its "Unlock the Resilience Factor" report, which surveyed 1,700 IT decision-makers across 12 countries, Zscaler found that while 49% of respondents believe their IT infrastructure is resilient, only 45% have updated their cyber resilience strategy to address artificial intelligence threats.
Jay Chaudhry, CEO, Chairman and Founder of Zscaler, says: "The possibility of a major failure scenario for organisations is not an 'if' but 'when', as the statistics in our report show."
Technology leaders struggle with Zero Trust implementation as AI threats emerge
The research identifies gaps in cyber defence strategies, with 40% of IT leaders failing to review their cyber resilience approach in more than six months. This comes as artificial intelligence-powered threats and ransomware attacks continue to evolve.
The survey reveals that 60% of IT leaders focus on preventing attacks rather than developing recovery strategies. This approach leaves organisations exposed when preventive measures fail.
- 49% agreed the level of investment doesn't match the escalating need to review cyber resilience strategies
- 44% of IT leaders have the CISO
- 36% of IT leaders say their cyber resilience strategy is included in the overall resilience strategy
- 94% of IT leaders understand how a strong cyber resilience strategy can help improve business performance
Only 42% of organisations use Zero Trust micro-segmentation, a security model that requires strict identity verification for anyone trying to access resources on a private network. Risk hunting tools, which actively search for security threats, are implemented by 44% of respondents.
Deception technologies, which create decoy systems to trap attackers, see even lower adoption at 35%.
Global cybersecurity talent shortage impacts resilience strategies
The report identifies several barriers to implementing effective cyber resilience. These include evolving compliance requirements and a global shortage of cybersecurity professionals.
Organisations operating security functions in isolation increase their vulnerability to attacks. The research shows this siloed approach impacts business continuity planning.
Jay says: "It proves the need for proactive resilience to combat and mitigate inevitable incidents before they become a significant issue for business continuity."
Zscaler finds investment in cyber resilience lacks board-level support
The report highlights a disconnect between IT teams and corporate leadership, with 39% of respondents indicating cyber resilience is a priority for senior management.
Jay says: "This change in approach requires a company-wide mindset shift that can only be enforced from the top down. Leadership needs to engage with their IT teams to create a cyber resilience strategy that is robust and fit for purpose in the face of today's ever-more volatile threat and operating landscapes."
- Increasing sophistication of cyber criminals
- Rapid adoption of emerging technologies
- Geopolitical tensions
- Advanced AI-powered attacks
- Supply chain vulnerabilities geopolitical cyber-warfare
The research finds that 43% of cybersecurity strategies do not prioritise recovery or response measures. This gap in planning leaves organisations vulnerable to prolonged disruption after successful attacks.
Companies need layered security approach to contain attacks
Organisations can limit the impact of cyber attacks by implementing multiple security measures. These include data loss prevention solutions and ransomware protection tools.
The report recommends organisations maintain regular backups and implement continuous updates to cyber resilience strategies. It suggests using artificial intelligence-powered security tools to automate threat detection and response.
James Tucker, Head of EMEA CISOs in Residence at Zscaler, says: "A cyber resilience strategy is not just a means to weather the dangers of a digital future, but also an enabler of greater innovation and improvement of your organisation without fear of consequences."
The research indicates organisations need to improve cross-functional collaboration and increase security investments to maintain long-term resilience.
James says: "With the growing threat landscape including AI-based attacks and continued pressure to digitize not likely to abate any time soon, our attack surfaces are still expanding beyond our control. A robust and proactive resilience strategy, underpinned by a zero trust architecture, ensures a foundation that won't crumble."
Explore the latest edition of Cyber Magazine and be part of the conversation at our global conference series, Tech & AI LIVE and Cyber LIVE.
Discover all our upcoming events and secure your tickets today.
Cyber Magazine is a BizClik brand
