The Ongoing Shift to Zero Trust

The Ongoing Shift to Zero Trust

Last week, Zscaler released the findings of its annual VPN Risk Report, which revealed a growing number of VPN-induced security threats facing enterprises today. Based on a survey of hundreds of IT and cybersecurity professionals, the report highlights several aspects that organizations need to consider in order to protect themselves against escalating threats and vulnerabilities. 

The survey found that 65% of companies are considering adopting VPN alternatives, which is in line with what I’m hearing in my conversations with CXOs. The topic of Zero Trust always comes up in those discussions since firewalls and VPNs, by virtue of their antiquated architecture, connect users to the network which gives bad actors the ability to move laterally, enabling them to compromise high-value targets and potentially hold data hostage. Once you put users on the network, you’ve lost the ability to maintain a Zero Trust environment.

I would also urge organizations to do their due diligence when evaluating Zero Trust security solutions - ask the tough questions, get the vendor to “show, not tell,” and really drill down in order to get the answers you deserve. Many legacy firewall and VPN vendors claim to deliver Zero Trust, but their security foundation was built on 30-year-old firewall technology, which is no longer sufficient to protect today’s mobile, highly distributed, cloud-first organizations. The only way to truly enforce Zero Trust is by using a proxy architecture combined with strict business policies to connect users directly to applications - not to the network - thus eliminating lateral threat movement.

While the report’s findings highlight cybersecurity professionals’ awareness of the risk of relying on VPNs for remote access - 71% of companies are concerned that VPNs may jeopardize the ability to keep their IT environments secure - the reality is that legacy mindset and approaches will take time to change. However, given enterprises’ continued shift to hybrid and remote working models, the growing volume and evolving nature of threats, and employees’ expectation of securely connecting anytime, anywhere on any device, the case for adopting a holistic Zero Trust approach gets stronger every day. In fact, 80% of companies surveyed reported that adopting a Zero Trust model is a priority for them - an increase of 8% since last year’s report - and I predict that this number will continue to climb.

To see more findings from the report, please read the CSO Magazine article, the press release, or access the report here. For more information on how to implement Zero Trust as a guiding principle for building a secure network, please download the e-book, Seven Elements of Highly Successful Zero Trust Architecture.

Sven Kutzer

Principal Solutions Architect - GSI

2y

Thanks for sharing! This underlines that we must actually decouple application access from network access altogether. „VPN on steroids“ is not Zero Trust

  • No alternative text description for this image
Like
Reply
Luke Crossan Sr

Global Leader in AI+Automation (Agentic Automation and Business Orchestration)

2y

I’d love to share why Automation Anywhere has been rated THE most secure automation platform that is entirely cloud native so your data stays in your secure system.

Like
Reply
Kumar Malavalli

Co-Founder Brocade, InMage, Glassbeam

2y

Hearty congratulations

Like
Reply

To view or add a comment, sign in

More articles by Jay Chaudhry

  • Lessons Learned from the State of Silicon Valley Start-ups

    Lessons Learned from the State of Silicon Valley Start-ups

    I recently read a compelling article in Business Insider entitled, “Silicon Valley is bracing for a ‘Darwinian moment…

    11 Comments
  • Dispatch from Zenith Live Berlin

    Dispatch from Zenith Live Berlin

    On the heels of a successful @Zscaler #ZenithLive user conference in Las Vegas last month, we continued our momentum…

    2 Comments
  • Updates from Zenith Live ‘23

    Updates from Zenith Live ‘23

    It was fantastic to see everyone at Zenith Live ‘23 this week in Las Vegas where customers, partners, media and…

    7 Comments
  • Zenith Live 2023: Redefining Secure Digital Transformation

    Zenith Live 2023: Redefining Secure Digital Transformation

    Technology leaders, IT practitioners, security analysts, and other industry watchers will soon gather at Zscaler's…

  • Observations from RSAC 2023

    Observations from RSAC 2023

    We recently wrapped up an exciting and highly engaging week at #RSAC. I couldn’t be more energized and inspired by the…

    3 Comments
  • Making a Positive Impact By Giving Back

    Making a Positive Impact By Giving Back

    When I founded Zscaler over 15 years ago, I wanted to build an iconic technology company that would fundamentally…

    10 Comments
  • Reflections on My Trip to India

    Reflections on My Trip to India

    This month, I had the opportunity to visit several cities in India to interact with customers, partners and Zscaler…

    9 Comments
  • Observations from My Trip to Japan

    Observations from My Trip to Japan

    I have been meaning to return to Japan since it is a critical country for us, so I was excited to have the opportunity…

    4 Comments
  • Sincere Thanks to Zscaler Customers & Partners

    Sincere Thanks to Zscaler Customers & Partners

    As we begin 2023, I want to express my sincere thanks and appreciation to our Customers and Partners for their…

    14 Comments
  • Zscaler Once Again Recognized on 2022 Deloitte Technology Fast 500 List

    Zscaler Once Again Recognized on 2022 Deloitte Technology Fast 500 List

    One of only three companies in the Bay Area to have made the list five years in a row I am extremely proud of the…

    30 Comments

Insights from the community

Others also viewed

Explore topics