SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
What to know when considering zero trust digital transformation
Thu, 9th Sep 2021
FYI, this story is more than a year old

Article by Bitglass's Woodrow Mosqueda.

There are multiple factors for security leaders to consider when pursuing their zero trust digital transformation objectives.

Zero trust digital transformation is a crucial enabler to business growth

Zero trust digital transformation objectives have accelerated with the continued migration of the cloud, rapid rollout of BYOD initiatives and introduction of hybrid work.

To fully embrace these initiatives, enterprises must eliminate their legacy network architectures and replace them with zero trust-focused solutions. This will enable a secure customer and employee experience while saving considerable amounts of money in a short period.

BYOD usage is accelerating, but security and privacy concerns remain

Almost half of organisations have experienced a significant increase in BYOD use due to the remote work shift, and it's clear this initiative is here to stay. Despite its widespread benefits with regard to flexibility, this trend is challenging security measures designed for traditional endpoints.

The best approach to securing BYOD is to ensure security transparency and deploy agentless, automated solutions that integrate security functions — while respecting user privacy.

Data protection and cyber-threats are top of mind for CEOs

Ransomware, phishing, insider threats and other forms of cyber-attack are an extreme risk to data privacy. Cyber-threats now rank as the second top CEO concern in 2021, up from its ranking as fourth before the pandemic. For complete data and threat protection, organisations must thwart data exfiltration and mitigate threats by minimising their attack surface.

CASB, SWG and ZTNA have officially converged

Traditional security solutions built for well-defined enterprise perimeters are no longer capable of securing the hybrid workforce. As a result, companies will seek a single, comprehensive platform that integrates various critical security capabilities.

Gartner projects that by 2023, 20% of enterprises will have adopted secure web gateway (SWG), cloud access security broker (CASB), zero trust network access (ZTNA) and branch FWaaS capabilities from the same vendor, up from 5% in 2019.

Identity and zero trust go hand-in-hand

Identity and zero trust are two key pillars of modern enterprise security architectures and are undeniably interlinked. Identity has become the foundation of zero trust's core principle, ‘never trust, always verify,' as security now revolves around the users accessing a network and the access controls placed on those users.

A zero trust framework cannot succeed without identity and access management capabilities, like MFA, to authenticate users' identities.

The security landscape is constantly changing, but SASE can help organisations tackle countless security challenges that they didn't have the resources to combat before.