60% of IT and security leaders are not confident in their organization’s ability to ensure secure cloud access, even as adoption continues to grow across a diverse range of cloud environments, according to research from the Ponemon Institute.
The Global Study on Zero Trust Security for the Cloud surveyed nearly 1,500 IT decision makers and security professionals worldwide to examine the pain points they experience in securing cloud environments and how zero trust security methods can enable digital transformation.
Organizations face a multitude of barriers to securing diverse cloud environments, with the top challenges cited as network monitoring/visibility (48%), in-house expertise (45%), increased attack vectors (38%) and siloed security solutions (36%). In addition, 62% of respondents say traditional perimeter-based security solutions are no longer adequate to mitigate the risk of threats like ransomware, DDoS attacks, insider threats and man-in-the-middle attacks.
As cloud-native development practices grow, 90% of respondents will have adopted DevOps and 87% will have adopted containers within the next three years, but modern security practices aren’t as widespread. Only 42% can confidently segment their environments and apply the principle of least privilege, and nearly a third of organizations have no collaboration between IT security and DevOps—presenting a significant risk.
The report also reveals that Zero Trust Network Access (ZTNA) can address these challenges and accelerate an organization’s cloud transformation. Respondents that have adopted a zero trust strategy report increased productivity of the IT security team (65%), stronger authentication using identity and risk posture (61%), increased productivity for DevOps (58%) and greater network visibility and automation capabilities (58%) as the top benefits.
“Organizations are at a crossroads, understanding that legacy security solutions aren’t cutting it in the cloud while facing a growing need to mitigate evolving risks,” said Dr. Larry Ponemon, Chairman and Founder of the Ponemon Institute. “This new global research proves that zero trust can help address these challenges, while also offering benefits beyond cloud security, particularly around increased productivity and efficiency for IT teams and end users alike.”
ZTNA can help organizations keep pace with agile cloud deployments by providing a unified policy engine that delivers secure access for all users, devices and workloads, regardless of where they reside.
“This research validates that while cloud security isn’t easy, applying zero trust principles to ensure secure access to cloud workloads goes beyond protecting valuable data and actually can fast-track an organization’s digital transformation,” said Jawahar Sivasankaran, President and Chief Operating Officer at Appgate. “When done right, zero trust can drive meaningful efficiency and innovation across the entire IT ecosystem for both the security and business sides of an organization, rather than just being an add-on security tool.”
Other key findings in the report include:
- 53% of the respondents that don’t plan to adopt zero trust believe the term is “just about marketing,” but many of those respondents also highlight ZTNA capabilities as being essential to protect cloud resources—pointing to confusion around what zero trust actually means
- Only 33% of respondents are confident their IT organization knows all the cloud computing applications, platforms or infrastructure services currently in use
- More than half of respondents cite account takeover or credential theft (59%) and third-party access risks (58%) as top threats to their cloud infrastructure