Are you ready to bring more awareness to your brand? Consider becoming a sponsor for The AI Impact Tour. Learn more about the opportunities here.
While 90% of the enterprises migrating to the cloud are adopting zero trust, just 22% are confident their organizations will capitalize on its many benefits and transform their businesses. A new survey from Zscaler shows that defining and implementing a zero trust network access (ZTNA) framework is a business decision as much as a security decision. And it indicates that building a stable multicloud infrastructure is the first step.
More than two-thirds (68%) of IT and security leaders who participated in Zscaler’s recent study, The State of Zero Trust Transformation 2023 Report, say secure cloud transformation is not possible with legacy network security infrastructure such as firewalls and VPNs. Outdated tech stacks and implicit-trust-based architectures down to endpoints are lethal roadblocks to successful zero-trust initiatives.
Several catalysts are driving zero trust’s rapid growth. One is the migration from legacy on-premise tech stacks to the cloud. Another is the tech stack consolidation that a cloud-based strategy offers. Whatever the reasons, Gartner reports a 60% year-over-year growth in ZTNA adoption.
Ivanti’s Zero Trust Progress Report found that 64% of CISOs and security leaders say verifying users’ identities, devices and infrastructure components is the most valuable benefit of a ZTNA framework.
The AI Impact Tour
Connect with the enterprise AI community at VentureBeat’s AI Impact Tour coming to a city near you!
Further validating Zscaler’s finding that cloud infrastructure drives faster zero trust adoption and delivers more valuable business results is Gartner’s latest end-user spending forecast for ZTNA. The research firm predicts that ZTNA-based systems and solutions globally will grow from $819.1 million in 2022 to $2.01 billion in 2026, attaining a compound annual growth rate of 19.6%. Another market estimate predicts that global spending on zero-trust security software and solutions will grow from $27.4 billion in 2022 to $60.7 billion by 2027, attaining a CAGR of 17.3%.
Zscaler advises CISOs to see zero trust as a growth driver
There’s a wide gap between zero trust’s potential business value and the results it’s delivering today. Zscaler‘s study contends that enterprises need secured cloud infrastructure to realize zero trust’s business potential. “A zero-trust platform has the power to redesign business and organizational infrastructure requirements — to become a true business driver that doesn’t just enable the hybrid working model employees are demanding, but [that] enables organizations to become fully digitized, benefiting from agility, efficiency and future-proofed infrastructure,” says Nathan Howe, VP of emerging tech, 5G at Zscaler.
Many CEOs are stressing the need for cybersecurity and zero trust to drive business outcomes and help digitally transform businesses this year. George Kurtz, co-founder and CEO of CrowdStrike, was emphatic about this during his Fal.Con keynote earlier this year. “Adding security should be a business enabler,” he said. “It should be something that adds to your business resiliency, and it should be something that helps protect the productivity gains of digital transformation.”
In addition, CISOs who drive revenue gains are the most likely to advance their careers. The more contributions a CISO can make to enabling revenue growth, the better for their career and job security. At Forrester’s Security and Risk Forum 2022 last month, Jeff Pollard, VP and principal analyst, hosted a “Cybersecurity Drives Revenue: How to Win Every Budget Battle” session. He pointed out that “when something touches as much revenue as cybersecurity does, it is a core competency. And you can’t argue that it isn’t.”
CrowdStrike’s Kurtz told the audience at his Fal.Con keynote, “I’m seeing more and more CISOs joining boards. And I think this is a great opportunity for everyone in security to understand what impact they can have on a company. Also from a career perspective, it’s a great thing to be part of that boardroom and helping them on the journey to keep business resilient and secure.”
ZTNA needs to secure multicloud infrastructure first
Zscaler’s results suggest how challenging it is for CISOs and their teams to implement ZTNA frameworks across multicloud infrastructures that themselves are still taking shape. Nearly every CISO with whom VentureBeat has spoken with in the last six months says that consolidating their tech stack is their highest priority. In many instances, the funding to pursue a ZTNA strategy is what produces the focus and resources CISOs and their teams need to consolidate tech stacks and remove legacy apps.
Multicloud infrastructure is a must-have to enable enterprises to grow. That’s also clear from VentureBeat’s discussions with CISOs over the last year. Their motivations for implementing multicloud include improved availability of resources; the opportunity to gain access to best-of-market innovations; and the need to meet more complex compliance and reporting requirements. Gaining bargaining parity in negotiations with cloud providers and avoiding vendor lock-in are added benefits.
>>Don’t miss our special issue: Zero trust: The new security paradigm.<<
ZTNA implementations are long-term. They must keep delivering results and value to stay funded. That’s why the Zscaler survey found that 65% of respondents say improving the detection of advanced threats or web application attacks and protecting secured data is the top reason for pursuing zero trust. CISOs need quick wins to hold on to their budgets and grow them over them.
Zero-trust initiatives deliver value by protecting infrastructure and by scaling across new digital transformation initiatives to protect new revenue streams, as Kurtz said at Fal.Con; adding security must be a business enabler. Getting multicloud right is the first step.
Zero trust: a business decision first
Zscaler’s findings underscore how defining and implementing a ZTNA framework and strategy is a business decision first. That business decision often starts by consolidating legacy tech stacks, which are often riddled with implicit trust domain controllers, and opting for a more integrated multicloud architecture.
For many organizations, getting to a stable multicloud infrastructure is the first step. Having a cloud-based platform to scale from allows faster time-to-market for new apps internally. It also provides new opportunities for digital transformation initiatives that can streamline customer buying experiences.
The vision CISOs are pursuing today involves making a greater revenue contribution while protecting infrastructure, transforming their careers from technologists to strategists, and earning a chance to get promoted and become board members.
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.