Identities Are The Highest Priority Risk Area

As the threat landscape continues to evolve in 2024and threat actors become increasingly more sophisticated, organisations are seeking ways to increase their security posture. Now, the leading data security firm Entrust and the  Ponemon Institute have produced a new survey about approaches to identity management.

They asked over 4,000 IT and security professionals around the globe about their adoption of Zero Trust as a security practice, and the technologies they rely on to support their efforts to prevent cyberattacks.

The 2024 State of Zero Trust & Encryption Study surveyed 4,052 IT and IT security practitioners across the US, UK, Canada, Germany, Australia and New Zealand, Japan, Singapore, and the Middle East.  

The survey shows that people are now more motivated to invest in security to prevent data breaches, rather than just to follow regulations. While in the past, compliance was the main reason for security investments, 41% of respondents now prioritise security investments to reduce the risks of data breaches or other security incidents.  

This marks a significant change in attitudes toward why organisations invest in security. 

Key findings from the 2024 State of Zero Trust & Encryption Study include:  

  • Rising rates of cyber breaches are driving Zero Trust adoption: Two-thirds of organisations list cyber-risk concerns as the most important drivers for implementing a Zero Trust strategy.
  • The pattern is even more pronounced in the US, with 50% of organisations citing cyber breach risk and 29% reporting the expanding attack surface for a combined total of 79% 

Senior leadership support for Zero Trust is increasing, but skills and budget aren’t keeping pace: Despite 60% of organisations reporting significant senior leadership support for Zero Trust, a lack of skills and budget continue to be cited as the biggest roadblocks to implementing these frameworks, highlighting a discrepancy between support and resource allocation. 

Zero Trust adoption is exploding, but lagging in the West: While 62% of organisations have begun their own Zero Trust journey, only 48% of US organisations have, raising a concern that Western entities know they have a problem but are unable to adopt Zero Trust, leaving them vulnerable to cyber threats. 

Good cyber hygiene alone can’t safeguard against all threats: 46% of respondents cited hackers exposing sensitive or confidential data as their top security concern, followed by system or process malfunctions and unmanaged certificates. For the first time in the past eight years, organisations did not rank employee mistakes as a top security threat. 

People, skills, and ownership remain painful hurdles for CISOs to achieve effective credential management: 50% of respondents identified a shortage of skilled personnel, 47% highlighted the absence of clear ownership, and 46% pointed to inadequate staffing as the primary reasons for the challenges associated with credential management. 

Image: Nick Fancher

You Might Also Read: 

Security Gaps In Business-Critical Identity Services:

___________________________________________________________________________________________

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Increasing Software Cyber Resilience
You’ve Got Mail »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

RoboForm

RoboForm

RoboForm's industry-leading encryption technology securely stores your passwords, with one Master Password serving as your encryption key.

Digital Defense Inc (DDI)

Digital Defense Inc (DDI)

DDI offers vulnerability scanning, penetration testing, web application testing, social engineering and additional security assessments.

Tubitak

Tubitak

Tubitak is the scientific and technological research council of Turkey. Areas of research include information technology and security.

Arcanum Information Security (AIS)

Arcanum Information Security (AIS)

Arcanum Information Security is a specialist Information Assurance Consultancy and a leading provider of Cyber Security services to UK Defence, UK Government, Enterprise businesses and SMEs.

Purple Security

Purple Security

Purple Security arises from the association of specialists in offensive security (ethical hackers, white hats) and experts in insurance, compliance and implementation of industry standards.

S4x Events

S4x Events

S4x are the most advanced and largest ICS cyber security events in the world.

British Blockchain Association (BBA)

British Blockchain Association (BBA)

British Blockchain Association (BBA) is a not-for-profit organisation that promotes evidence-based adoption of Blockchain and Distributed Ledger Technologies (DLT) across the public and private sector

Octane OC

Octane OC

OCTANe is building the SoCal of tomorrow. We drive innovation and growth by connecting people, resources and capital. Our Incubator focus is FinTech, Data Analytics and Cybersecurity.

Technisanct

Technisanct

Technisanct works with Governments, especially Law Enforcement and Defence agencies, helping them in monitoring threats, managing their data and resolving their forensic needs.

Accenture

Accenture

Accenture is a leading global professional services company providing a range of strategy, consulting, digital, technology & operations services and solutions including cybersecurity.

Willyama Services

Willyama Services

Willyama Services is a certified Information Technology and Cybersecurity professional services business providing services to government and private sector clients.

Rescana

Rescana

Rescana offers a cyber risk management platform with the vision to remove the security team bottlenecks, accelerating business processes that require risk assessment.

SecurityBridge

SecurityBridge

SecurityBridge provide a cybersecurity connection between our customers’ IT departments, the forward-facing business services, and their SAP applications.

Trickest

Trickest

Trickest enables Enterprises, MSSPs, and Ethical Hackers to build automated offensive security workflows from prototype to production.

Databarracks

Databarracks

Databarracks deliver award winning IT resilience and continuity services. We help organisations get the most out of the cloud and protect their data, wherever it lives.

TIM Enterprise

TIM Enterprise

TIM Enterprise offers innovative, sustainable and secure 360-degree digital solutions to companies and public administrations.