STAMFORD, Conn., January 23, 2023 — Zero trust is top of mind for most organizations as a critical strategy to reduce risk, but few organizations have actually completed zero-trust implementations.Gartner, Inc. predicts thatby 2026, 10% of large enterprises will have a mature and measurable zero-trust program in place, up from less than 1% today.
Gartner defines zero trust as a security paradigm that explicitly identifies users and devices and grants them just the right amount of access so the business can operate with minimal friction while risks are reduced.
“Many organizations established their infrastructure with implicit rather than explicit trust models to ease access and operations for workers and workloads. Attackers abuse this implicit trust in infrastructure to establish malware and then move laterally to achieve their objectives,” said John Watts, VP Analyst at Gartner. “Zero trust is a shift in thinking to address these threats by requiring continuously assessed, explicitly calculated and adaptive trust between users, devices, and resources.”
To help organizations complete the scope of their zero-trust implementations, it is critical that chief information security officers (CISOs) and risk management leaders start by developing an effective zero-trust strategy which balances the need for security with the need to run the business.
“It means starting with an organization’s strategy and defining a scope for zero-trust programs,” said Watts. “Once the strategy is defined, CISOs and risk management leaders must start with identity - it is foundational to zero trust. They also need to improve not only technology, but the people and processes to build and manage those identities.
“However, CISOs and ris ..
Support the originator by clicking the read the rest link below.
