69.1% of professionals with security responsibility believe a rethink is needed to deal with the threat of cybersecurity now that devices and applications have moved outside the corporate network, a SentryBay survey reveals.
The poll aimed to assess attitudes to cyber threats and methods of protecting vulnerable devices. It found that 58.3% of respondents believed that a zero-trust approach to security was essential, and 19.9% thought it was important. When asked if their organization had adopted zero-trust, however, only a third (33.6%) said they had.
One barrier might be the difficulties that companies are experiencing in implementing BYOD models, for which zero trust is the recommended approach to securing corporate perimeters.
The hurdles of BYOD adoption
33.5% said that adopting BYOD was too complicated. The role of enterprise users has also been a BYOD challenge with user privacy concerns being cited by 28.1% of respondents and user engagement/friction cited by 19.9%. Management overheads were a challenge for 19.9%.
“BYOD offers enterprises huge CAPEX savings, but these are worth nothing if adopting the model opens the organization up to the risk of a cyberattack,” said Dave Waterson, CEO at SentryBay.
“The key to security in this scenario is proactive protection that is delivered through a software solution that specifically focuses on preventing sensitive data loss or leakage from the remote endpoint, and it should be an integral part of a zero-trust approach.”
Changing cybersecurity methods and practices is not an easy task
The poll indicates that while 47.7% of organizations have still not adopted zero trust, 8.5% are already in the process and 10.6% plan to do so in 2022.
The appetite for a change in cybersecurity methods and practices as devices and applications move away from physical offices and controlled networks is clearly important to almost 70% of those working in security, but this does not mean that it is always easy to achieve.
“While cybersecurity should be a priority for all enterprises, it can be a daunting prospect to specify and deploy the right solutions for the company’s specific needs,” continued Dave Waterson.
“Culture change is often required, the knowledge and experience of security experts should be sought, but most importantly, endpoint devices – the most vulnerable element in the technology stack – need to be protected by proven software.”