Identities Are The Highest Priority Risk Area

Uploaded on 2024-06-04 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW

As the threat landscape continues to evolve in 2024and threat actors become increasingly more sophisticated, organisations are seeking ways to increase their security posture. Now, the leading data security firm Entrust and the  Ponemon Institute have produced a new survey about approaches to identity management.

They asked over 4,000 IT and security professionals around the globe about their adoption of Zero Trust as a security practice, and the technologies they rely on to support their efforts to prevent cyberattacks.

The 2024 State of Zero Trust & Encryption Study surveyed 4,052 IT and IT security practitioners across the US, UK, Canada, Germany, Australia and New Zealand, Japan, Singapore, and the Middle East.  

The survey shows that people are now more motivated to invest in security to prevent data breaches, rather than just to follow regulations. While in the past, compliance was the main reason for security investments, 41% of respondents now prioritise security investments to reduce the risks of data breaches or other security incidents.  

This marks a significant change in attitudes toward why organisations invest in security. 

Key findings from the 2024 State of Zero Trust & Encryption Study include:  

  • Rising rates of cyber breaches are driving Zero Trust adoption: Two-thirds of organisations list cyber-risk concerns as the most important drivers for implementing a Zero Trust strategy.
  • The pattern is even more pronounced in the US, with 50% of organisations citing cyber breach risk and 29% reporting the expanding attack surface for a combined total of 79% 

Senior leadership support for Zero Trust is increasing, but skills and budget aren’t keeping pace: Despite 60% of organisations reporting significant senior leadership support for Zero Trust, a lack of skills and budget continue to be cited as the biggest roadblocks to implementing these frameworks, highlighting a discrepancy between support and resource allocation. 

Zero Trust adoption is exploding, but lagging in the West: While 62% of organisations have begun their own Zero Trust journey, only 48% of US organisations have, raising a concern that Western entities know they have a problem but are unable to adopt Zero Trust, leaving them vulnerable to cyber threats. 

Good cyber hygiene alone can’t safeguard against all threats: 46% of respondents cited hackers exposing sensitive or confidential data as their top security concern, followed by system or process malfunctions and unmanaged certificates. For the first time in the past eight years, organisations did not rank employee mistakes as a top security threat. 

People, skills, and ownership remain painful hurdles for CISOs to achieve effective credential management: 50% of respondents identified a shortage of skilled personnel, 47% highlighted the absence of clear ownership, and 46% pointed to inadequate staffing as the primary reasons for the challenges associated with credential management. 

Image: Nick Fancher

You Might Also Read: 

Security Gaps In Business-Critical Identity Services:

___________________________________________________________________________________________

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Increasing Software Cyber Resilience
You’ve Got Mail »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Black Hat Briefings

Black Hat Briefings

The Black Hat Briefings are a series of highly technical information security conferences that bring together thought leaders from all facets of the infosec world.

Miller Group

Miller Group

Miller Group is an IT managed service provider. We proactively monitor and manage your entire business computer network. Services include backup & recovery and cyber security.

Cognizant

Cognizant

Cognizant offer services and solutions for IT Infrastructure Security, Enterprise Mobility and Internet of Things.

We Watch Your Website

We Watch Your Website

We Watch Your Website provide website monitoring, protection, malware removal and root cause analysis services to help you keep your website secure.

edgescan

edgescan

edgescan is a cloud-based continuous vulnerability management and penetration testing solution.

Secarma

Secarma

Secarma provides penetration testing, security assessments, consultancy, and training services to ensure your digital infrastructure is secure from cybersecurity threats.

Bottomline Technologies

Bottomline Technologies

Bottomline Technologies is an innovator in business payment automation technology, helping companies make complex business payments simple, smart and secure.

Nokia

Nokia

Nokia is a proven leader in fixed, mobile and IoT security offering capabilities that range from systems design to integration and support.

AEWIN Technologies

AEWIN Technologies

AEWIN is professional in the fields of Network Appliance, Cyber Security, Server, Edge Computing and an ODM/OEM expert.

Tetrate.io

Tetrate.io

Tetrate Service Bridge provides enterprises with a consistent, unified way to connect and secure services across an entire mesh-managed environment.

Route1

Route1

Route1 is an advanced provider of secure data intelligence solutions to drive your business forward.

Aravo Solutions

Aravo Solutions

Your Extended Enterprise is full of hidden risks – Aravo makes them visible, measurable, and manageable.

Snare

Snare

Snare is a comprehensive set of event monitoring and analysis tools designed to address critical auditing and security requirements.

Cranium

Cranium

Cranium are an international consultancy organisation specialised in privacy, security and data management.

Cambridge International Systems

Cambridge International Systems

For more than 25 years, Cambridge has been fighting bad actors in both the cyber and physical worlds.

Kahootz

Kahootz

Kahootz is a highly secure cloud collaboration platform helping teams to work together across organisations.