Identities Are The Highest Priority Risk Area

Uploaded on 2024-06-04 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW

As the threat landscape continues to evolve in 2024and threat actors become increasingly more sophisticated, organisations are seeking ways to increase their security posture. Now, the leading data security firm Entrust and the  Ponemon Institute have produced a new survey about approaches to identity management.

They asked over 4,000 IT and security professionals around the globe about their adoption of Zero Trust as a security practice, and the technologies they rely on to support their efforts to prevent cyberattacks.

The 2024 State of Zero Trust & Encryption Study surveyed 4,052 IT and IT security practitioners across the US, UK, Canada, Germany, Australia and New Zealand, Japan, Singapore, and the Middle East.  

The survey shows that people are now more motivated to invest in security to prevent data breaches, rather than just to follow regulations. While in the past, compliance was the main reason for security investments, 41% of respondents now prioritise security investments to reduce the risks of data breaches or other security incidents.  

This marks a significant change in attitudes toward why organisations invest in security. 

Key findings from the 2024 State of Zero Trust & Encryption Study include:  

  • Rising rates of cyber breaches are driving Zero Trust adoption: Two-thirds of organisations list cyber-risk concerns as the most important drivers for implementing a Zero Trust strategy.
  • The pattern is even more pronounced in the US, with 50% of organisations citing cyber breach risk and 29% reporting the expanding attack surface for a combined total of 79% 

Senior leadership support for Zero Trust is increasing, but skills and budget aren’t keeping pace: Despite 60% of organisations reporting significant senior leadership support for Zero Trust, a lack of skills and budget continue to be cited as the biggest roadblocks to implementing these frameworks, highlighting a discrepancy between support and resource allocation. 

Zero Trust adoption is exploding, but lagging in the West: While 62% of organisations have begun their own Zero Trust journey, only 48% of US organisations have, raising a concern that Western entities know they have a problem but are unable to adopt Zero Trust, leaving them vulnerable to cyber threats. 

Good cyber hygiene alone can’t safeguard against all threats: 46% of respondents cited hackers exposing sensitive or confidential data as their top security concern, followed by system or process malfunctions and unmanaged certificates. For the first time in the past eight years, organisations did not rank employee mistakes as a top security threat. 

People, skills, and ownership remain painful hurdles for CISOs to achieve effective credential management: 50% of respondents identified a shortage of skilled personnel, 47% highlighted the absence of clear ownership, and 46% pointed to inadequate staffing as the primary reasons for the challenges associated with credential management. 

Image: Nick Fancher

You Might Also Read: 

Security Gaps In Business-Critical Identity Services:

___________________________________________________________________________________________

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Increasing Software Cyber Resilience
You’ve Got Mail »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

4Secure

4Secure

For over two decades, 4Secure has specialised in cyber security consultancy, safeguarding the worlds critical Infrastructure through securely bridging air gapped networks.

Dark Reading

Dark Reading

Dark Reading is the most trusted online community for security professionals.

King & Spalding

King & Spalding

King & Spalding is an international law firm with offices in the United States, Europe and the Middle East. Practice areas include Data, Privacy & Security.

Truth Technologies Inc (TTI)

Truth Technologies Inc (TTI)

TTI is a premier provider of worldwide anti-money laundering, anti-fraud, customer identification, and compliance products and services.

CamCERT

CamCERT

CamCERT is the national Computer Emergency Response Team for Cambodia.

Data Resolve Technologies

Data Resolve Technologies

Data Resolve offer a mechanism through which customers can detect and tackle various kinds of sensitive activities pertaining to data loss and data theft.

Precise Biometrics

Precise Biometrics

Precise Biometrics develop and sell fingerprint software for convenient and secure authentication of people’s identity in mobile devices, smart cards and other products with fingerprint sensors.

Cansure

Cansure

Cansure is a leading insurance provider in Canada offering a broad range of property & casualty insurance solutions including Cyber & Data Breach insurance.

VIPRE Security Group

VIPRE Security Group

VIPRE Security Group is an award-winning global cybersecurity, privacy and data protection company.

Nu Quantum

Nu Quantum

Nu Quantum is developing quantum photonics hardware to power the quantum revolution in communications, sensing and computing.

SignalSEC

SignalSEC

SignalSEC provides vulnerability intelligence, malware analysis, penetration testing and associated training services.

DTS Systeme

DTS Systeme

DTS Systeme is an IT service provider with a focus on the core areas of datacenter, technologies and IT security.

Cytidel

Cytidel

Cytidel is a vulnerability and risk management platform that utilises threat and business intelligence to help IT Security teams.

DRT Cyber

DRT Cyber

DRT Cyber deploys technology solutions to support the functions of cybersecurity, privacy, and risk management.

Freeze

Freeze

Freeze prevents attacks before they can start by finding, removing, and stopping the spread of information about your organization and employees.

MOBIA Technology Innovations

MOBIA Technology Innovations

MOBIA is a leading Canadian business transformation partner, helping businesses across industries evolve.