Enterprise Strategy Group Study Finds Strong Interest in Zero-trust Strategies and New Funding to Support These Initiatives

Share Article

More than half of the organizations surveyed view zero trust as the strategic framework for cybersecurity program modernization

ESG, a division of TechTarget

ESG today released new research that found, despite the challenges posed by the pandemic, most organizations have either pressed forward as planned or accelerated their zero-trust initiatives.

Zero-trust concepts have never been more applicable than they are today. With people, devices, and applications all just as likely to be outside the corporate perimeter than inside, location has become meaningless in assessing trust and determining risk posture.

Enterprise Strategy Group (ESG), a leading integrated technology analysis, research, and strategy firm, today released new research that found, despite the challenges posed by the pandemic, most organizations have either pressed forward as planned or accelerated their zero-trust initiatives. Zero trust strategies assume the network is compromised and brokers resource-specific access in isolation from network access through a least-privileged approach supported by continuous authentication, authorization, and risk evaluation for every request. These initiatives have seen increased interest over the last few years as enterprise architectures have become more distributed. The new ESG study—which surveyed 421 security and IT professionals responsible for driving zero-trust security strategies and evaluating, purchasing, and managing related security technology products and services—found that three-quarters of organizations are allocating net-new budget for zero-trust programs and the vast majority plan to increase spending over the next 12-18 months.

While interest and budget for zero trust are robust, there remains some level of confusion in the market as to what the term means, where to start, and what technologies are required to support these initiatives. There does appear to be growing understanding among customers that zero trust should be viewed as a strategic approach. However, most organizations continue to take a technology-centric view.

Among the study’s key findings:

  • Most organizations (51%) view zero trust as an avenue towards overall cybersecurity program modernization, updating traditional security processes and procedures to better align with today’s distributed enterprise reality.
  • More than half (53%) of organizations began their zero-trust journey with a specific use case, then broadened that strategy over time.
  • 40% of organizations say they have either paused or abandoned a zero-trust project they had previously started—often due to organizational and personnel issues.
  • Organizations that have yet to implement zero trust do maintain some negative perceptions of the initiative, especially around complexity, cost, and user experience.
  • Yet organizations that have implemented zero trust report a variety of benefits ranging from reduced cybersecurity incidents and data breaches to greater agility and increased employee productivity.

“Zero-trust concepts have never been more applicable than they are today. With people, devices, and applications all just as likely to be outside the corporate perimeter than inside, location has become meaningless in assessing trust and determining risk posture,” said John Grady, Senior Analyst at ESG. “ESG’s research shows that organizations are seeing demonstrable benefits from implementing zero-trust strategies across both security and business outcomes. That said, this remains a multi-year journey for most, requiring both short-term, use-case-focused prioritization, and longer-term, strategic planning and executive support.”

For more information on this new research, please visit ESG’s website.

About ESG
Enterprise Strategy Group (ESG) is an integrated technology analysis, research, and strategy firm providing market intelligence, actionable insight, and go-to-market content services to the global technology community. It is increasingly recognized as one of the world’s leading analyst firms in helping technology vendors make strategic decisions across their go-to-market programs through factual, peer-based research. ESG is a division of TechTarget, Inc. (Nasdaq: TTGT), the global leader in purchase intent-driven marketing and sales services focused on delivering business impact for enterprise technology companies.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Lauren Childers
ESG
5084046375
Email >
Visit website