Zero Trust architecture is key to upgrading businesses’ security, but many companies who have installed the technology admit to gaps in implementation across some security risk areas. If Zero Trust is an effective approach for protecting businesses in our remote world, what is holding back some companies from realising its full potential? This article outlines common mistakes, among them the three below:
Mistake 1: Thinking Zero Trust can be purchased
- Software vendors tend to market their products with the misleading implication that they provide zero trust - but many of their products aren’t in fact new at all, and though they may support zero trust, aren’t sufficient to provide it on their own. Some of the legitimate products to spur a company’s development of Zero Trust architecture include Zero Trust network access (ZTNA) and micro segmentation solutions.
- More broadly, many businesses view Zero Trust as a quick, one-and-done fix that can be easily bought - rather, it is an approach that should be implemented and improved consistently over time.
Mistake 2: Over-reliance on legacy infrastructure
- A survey found that 58% of IT and program managers identified the need to overhaul existing legacy infrastructure as the biggest barrier to implementing zero trust. Digital transformation is often necessary for adoption, but many organisations believe the substantial costs and the risk of negatively impacting the customer experience outweigh its rewards.
Mistake 3: Neglecting the business case for investing
- Because reaping the full benefits of Zero Trust often calls for companies to undertake expensive digital transformation, executives will need to convince stakeholders of its advantages in order to obtain their support. CISOs should highlight that in addition to mitigating cybercrime and halving the chance of a data breach, there are substantial cost savings to be had, with an average 92% return on investment.