Only 32% of Respondents Currently Have a Zero Trust Strategy in Place
96% of North American enterprise IT security leaders say public key infrastructure (PKI) and digital certificates are essential to achieving zero trust architecture. Yet only 39% use PKI as part of their zero trust security strategy today according to an executive survey from Pulse Research and Keyfactor, the leader in PKI as-a-Service (PKIaaS) and crypto-agility solutions. The survey explores enterprise security priorities, the challenges of zero trust strategy implementation and the use of PKI and digital certificates within a zero trust architecture.
“Adopting a zero trust strategy is an important step to ensuring a robust security posture, especially as digital transformation continues and organizations move their security to the cloud,” said Chris Hickman, chief security officer at Keyfactor. “Yet the survey results reveal a concerning gap between perception and reality. While most leaders recognize that PKI is essential to a successful zero trust security strategy, most are not actively incorporating it into their identity and access management (IAM) program.”
PKI is comprised of digital certificates and cryptographic keys that provide trusted and secure connections to protect user and machine identities. A zero trust model relies on trusted connections, controls and machine identity authentication to mitigate security risks and ensure machine-to-machine communications are secure.
Additional key findings:
- Adoption drivers: 68% are prioritizing zero trust strategy implementation for security risk mitigation with 50% citing time-to-breach detection reduction.
- Investment priorities: 72% of IT leaders cite cloud-first migration followed by remote workforce (65%) and digital customer experience improvements (46%).
- Budget allocation: 92% of respondents have allocated up to 20% of their 2021 technology budget to PKI and/or cryptography investments.
- Implementation challenges: 73% see technology gaps as their organization’s greatest barrier to implementation, followed by cost concerns (69%) and a talent or skills shortage (45%).
- PKI requirements: 71% of IT leaders are prioritizing key and certificate visibility, followed by enabling automation (56%) and cloud-first PKI deployment (49%).
“The proliferation of digital certificates and keys within the enterprise will continue to rise, especially as a reliance on distributed IT and the remote workforce continues,” said Hickman. “Scalability is a key consideration when building out a zero trust architecture. However, PKI alone does not equate to zero trust. To be successful and fully achieve zero trust organizations also need the automation, process and security controls necessary to support it.”
The survey was conducted by Pulse Research on behalf of Keyfactor and included responses from 100 North American executive and VP-level IAM leaders in enterprises with between 5,000 and 10,000+ global employees.
For more such updates follow us on Google News ITsecuritywire News.