Infographic: What is the level of maturity of Zero Trust in your industry?
Where does your industry stand in its zero trust journey?
Most organizations have started deploying security solutions that match a zero trust approach, but not all of them have completely defined their zero trust strategy, and far fewer have deployed it across their overall architecture. We worked with industry specialists to understand which stage they had reached on their zero trust journey, and which drivers and use cases mattered most for making progress in implementing this approach. Explore this infographic to learn more about how zero trust is perceived in your industry in 2022.
90%
Currently, 90% of financial breaches involve servers. Basic web application attacks are the most common and involve the use of stolen credentials.
Source: 2022 DBIR Financial and Insurance industry
Establish compliance and security as an integral part of digital business transformation to reduce risk and increase data protection.
- Strict controls must be extended (to cloud and third-party vendors), strengthened and made granular enough to protect highly sensitive data that is subject to regulations
- Remote working is forcing banks and insurers to secure by design and by identity, and abandon perimeter protection models.
3/5
- Identify employees and accounts with escalated privileges, as well as third-party vendors (data aggregators etc.) that access information systems and data
- Mitigate risks associated with unauthorized access to information systems, by implementing layered security
- Identify all users and customers for which strong authentication and access controls are needed
- Use identity verification to reduce the risk of identity theft
- Reduce ransomware attacks
GDPR, regulations related to cloud and outsourcing in FS&I (by EBA, FCA, FFIEC…), DORA (new in 2022)
48%
IT and telecom had the largest revenue share of the zero trust (ZT) market in 2020, over 48%.
(source)
ZT enables the convergence of telecom networks and IT environments.
The continued use of proprietary telecom network appliances (which are supposed to be inherently secure) delays ZT adoption.
3/5
Security products and offerings are mostly geared toward pure IT use cases. Specialized telecom ZT products are only gradually appearing on the market.
- ZT for telecom: Telco cloud security posture management (CSPM) for cloud-native network functions
- ZT by telecom: Secure access service edge (SASE) for remote IT workplaces
Increasing security and sovereignty demands for mission-critical telco network functions and IT cloud workloads require sovereignty certifications like SecNum (ANSSI – France) or C5 (BSI – Germany).
ZT can go a long way toward SOC 2 Type II and other cloud audits in both IT and telecom.
704 cyberattacks
In 2021, manufacturing was a target for an average of 704 cyberattacks per week.
(source)
- Less downtime
- Better security resilience for unknown threats
- Better control of critical resources
- Lack of visibility into OT assets, infrastructure and data flow
- Inadequate security knowledge for proper ZT planning and implementation
2/5
The largest global enterprises are relatively well prepared for the ZT journey, while many small and mid-size organizations are still behind and do not have an OT security strategy.
- Better control of supplier value chains
- Improved visibility of asset communication
- Secure identity and access management
- Secure communication across OT sites and cloud
- Better compliance with local and global regulations
736 cyberattacks
In 2021, energy and utilities were the target of an average of 736 cyberattacks per week.
(source)
- Less downtime
- Better security resilience for unknown threats
- Better control of critical resources
- Widespread infrastructure
- Insufficient visibility of OT assets, infrastructure and data flows
- Secure critical infrastructure
- Lack of general knowledge about ZT
2/5
- Better control of supplier value chains
- Improved visibility of asset communication
- Secure identity and access management
- Better compliance with local and global regulations
- Secure smart meters and IoT/IIoT connections
30%
of healthcare organizations considered zero trust to be a top priority in 2020 due to the pandemic (versus 17% globally).
(source)
- Improved control over connected medical devices
- Better protection of sensitive health data
- Interconnection of connected medical devices and precision medicine technologies
- Lack of resources and skills to secure the hospital’s supply chain
- Lack of visibility over assets, infrastructure and data flows dealing with personal health information (PHI)
3/5
“2022 could be the year of zero trust in healthcare” as governments push more and more critical infrastructure (such as hospitals) in this direction.
- Enhanced visibility of all users and assets, including IoMT
- Better management of access permissions and identities of people and devices trying to access PHI
- Limit the attack surface and mitigate ransomware attack risks
- Comply with existing and forthcoming regulations for critical infrastructure