TORONTO, Oct. 17, 2022 /PRNewswire/ - Global IT research and advisory firm Info-Tech Research Group has published its newest research-backed blueprint, Build a Zero Trust Roadmap. Info-Tech's blueprint is designed to help organizations understand what zero trust is, how to move away from a perimeter-based approach, and how to build a pragmatic implementation that is flexible and adaptable. The research indicates that in today's digital age, every organization should have a zero trust strategy to help mitigate cyberattacks and reduce organizational risk.
"For the longest time, security teams have focused on reducing the attack surface to deter malicious actors from attacking organizations. However, I dare say that effort has only made these actors scream 'challenge accepted,'" says Victor Okorie, senior research analyst at Info-Tech Research Group. "With sophisticated tools, time, and money in their hands, threat actors have embarrassed even the finest of organizations. A hybrid workforce and rapid cloud adoption have also introduced more challenges as the perimeter shifted and the internet became the corporate network. A new zero trust mindset needs to be adopted to stay on top of the game and effectively mitigate attacks."
Info-Tech's research outlines two common obstacles that can make zero trust a difficult initiative for many organizations. The first is that due to zero trust's many components, an accurate assessment of readiness and adoption benefits can be extremely difficult. IT leaders and departments must first understand what zero trust means to the organization.
"Zero trust is a set of principles that defaults to the highest level of security; a failed implementation can easily disrupt the business," says Okorie. "A pragmatic zero trust implementation must be flexible and adaptable yet maintain a consistent level of protection."
The second barrier is that zero trust as a principle is a moving target due to competing definitions and standards. A strategy built around evolving best practices must be supported by business stakeholders. To ensure this support, IT must be able to "sell" zero trust to stakeholders by illustrating the value zero trust can bring to business objectives.
"The success of most attacks is tied to denial of service, data exfiltration, and ransom," explains Okorie. "A shift from focusing on the attack surface to the protect surface will help organizations implement an inside-out architecture. This approach protects critical infrastructure, prevents the success of any attack, makes it difficult to gain access, and links directly to business goals."
Info-Tech's blueprint explains that in the most current application of zero trust in the enterprise, a zero trust strategy applies a set of principles, including least privilege access and per-request access enforcement, to minimize compromise to critical assets. A zero trust roadmap is a plan that leverages zero trust concepts, considers relationships between technical elements as well as security solutions, and applies consistent access policies to minimize areas of exposure.
The firm also recommends that every organization have a zero trust strategy, and the roadmap to deploy it must constantly be tested and refined. Zero trust offers businesses the following benefits:
- Reduced business and organizational risk – Reduced business risks as continuous verification of identity, devices, networks, applications, and data is embedded in the organization's practice.
- Reduced CapEx and OpEx – Reduced capital and operating expenditures due to scalability, low staffing requirements, and improved time-to-respond to threats.
- Reduced scope and cost of compliance – Helps achieve compliance with privacy standards and regulations, improves maturity for cyber insurance premiums, and leaves fewer gaps during audits. The scope of compliance is also reduced due to segmentation.
- Reduced Risk of Data Breach – The risk of a data breach is reduced in any instance of a malicious attack as zero trust reduces lateral movement and increases visibility.
"The success of a zero trust implementation relies on consistent enforcement," says Okorie. "The strategy should evolve through an iterative and repeatable process by assessing the full spectrum of available technologies to apply zero trust principles to the most relevant protect surfaces."
To learn more, download the Build a Zero Trust Roadmap blueprint.
For more about Info-Tech Research Group and to download the latest research, visit infotech.com and connect via LinkedIn and Twitter.
Info-Tech Research Group is one of the world's leading information technology research and advisory firms, proudly serving over 30,000 IT professionals. The company produces unbiased and highly relevant research to help CIOs and IT leaders make strategic, timely, and well-informed decisions. For 25 years, Info-Tech has partnered closely with IT teams to provide them with everything they need, from actionable tools to analyst guidance, ensuring they deliver measurable results for their organizations.
Media professionals can register for unrestricted access to research across IT, HR, and software and over 200 IT and Industry analysts through the ITRG Media Insiders Program. To gain access, contact [email protected].
SOURCE Info-Tech Research Group
WANT YOUR COMPANY'S NEWS FEATURED ON PRNEWSWIRE.COM?
Newsrooms &
Influencers
Digital Media
Outlets
Journalists
Opted In
Share this article