News Security

Zscaler Study Finds 96% of Indian Enterprises are Adopting Zero Trust, Yet Have Not Unlocked the Full Business Potential

Ananth Nag, Senior Regional Vice President, India & SAARC, Zscaler
Ananth Nag, Senior Regional Vice President, India & SAARC, Zscaler

Greater opportunity for zero trust in India as more than half (55%) of Indian IT decision-makers are ‘fully confident’ their organization is leveraging the potential of their cloud infrastructure, far ahead of the global average of 22%, and APAC countries such as Australia (16%) and Singapore (15%).

Zscaler found that more than 96% of Indian IT leaders who have started their migration to the cloud have implemented, are implementing, or are planning to implement a zero trust security architecture. Supporting the mass migration to zero trust to secure users and the cloud, more than two thirds (62%) believe that secure cloud transformation is impossible with legacy network security infrastructures such as traditional firewalls and VPNs. This is according to The State of Zero Trust Transformation 2023 report, which draws on a global study of over 1,900 senior IT decision makers at organizations globally, which have already started migrating applications and services to the cloud.

Zscaler’s research shows that against a backdrop of rapid digital transformation, IT leaders believe zero trust is the ideal framework for securing enterprise users, workloads and IoT/OT environments in a highly distributed cloud and mobile-centric world. Approached from a holistic IT perspective, zero trust has the potential to unlock business opportunities across the overall digitization process, from driving increased innovation to supporting better employee engagement, or delivering tangible cost efficiencies.

“The State of Zero Trust Transformation 2023 report indicates a promising trend in the adoption of zero-trust security among Indian organizations over the next 12 months. While the implementation rates are high, the report suggests that organizations could aim for a more ambitious approach. There is a pertinent need for Indian organizations to adopt a comprehensive and proactive security strategy that prioritizes zero-trust principles,” said Ananth Nag, Senior Regional Vice President, India & SAARC, Zscaler. “India’s digital economy is rapidly growing, and with this growth comes an increasing risk of cyberattacks that can disrupt critical infrastructure and undermine consumer trust. As cyber threats continue to evolve in the country, a zero-trust security model can provide businesses with the necessary protection to safeguard sensitive data and critical infrastructure. IT leaders have an opportunity to educate business decision-makers on how zero-trust security can be a valuable business driver.”

The Leading Cloud Concerns 

IT leaders identified security, access and complexity as top cloud concerns, creating a clear case for zero trust to overcome these hurdles. When asked about legacy network and security infrastructures, 72% of Indian respondents indicated they believed VPNs or perimeter-based firewalls are both ineffective at protecting against cyberattacks or providing poor visibility into application traffic and attacks. This further validates the findings that 62% agree that secure cloud transformation is impossible with a legacy network security infrastructure such as traditional firewalls and VPNs.

The Cloud Context – A Lack of Confidence

While progress on zero trust is strong, Zscaler found that globally only 22% of organizations are fully confident they are leveraging the full potential of their cloud infrastructure, so while organizations have made solid initial steps on their cloud journey, there is a massive opportunity to capitalize on the benefits of the cloud. Regionally, the results vary with India being ahead of all markets surveyed with 55% of Indian organizations feeling fully confident in the use of their cloud infrastructure, compared with 42% of organizations across Americas, 14% across EMEA and 24% in APAC. While India is leading on a country level followed by the US (41%) and Mexico (36%), European and Asian countries are less confident: Australia (17%), Japan (17%) and Singapore (16%)

While at first glance security appears to stand in the way of fully realizing the full potential of the cloud, the motivations behind cloud migration suggest a more fundamental barrier in how IT leaders view the cloud. IT leaders cited data privacy concerns, challenges to securing data in the cloud, and the challenges of scaling network security as among the top barriers to embracing the cloud’s full potential. When asked about the main factors driving digital transformation initiatives in their organizations, the top three factors were cost reduction, managing cyber risk, and facilitating emerging technologies like 5G and Edge computing, suggesting there may still be a distinct lack of understanding around how to fully capitalize on its broader business benefits.

The Potential of Zero Trust as a Business Enabler

In line with the motivations behind cloud migration, Zscaler found that a focus on wider strategic outcomes is missing from how organizations are planning emerging technology initiatives. When Indian respondents were asked about the single most challenging aspect of implementing emerging technology projects, 37% cited adequate security, followed by budget requirements for further digitization (23%). However, only 17% cited dependency on strategic business decisions as a challenge.

While budget concerns are natural, the focus on securing the network while ignoring strategic business alignment suggests organizations are focused on security without a full understanding of its business benefit, and that zero trust itself is not yet understood as a business enabler.

Zscaler makes four key recommendations for organizations to capitalize on zero trust:

  1. Not all zero trust offerings are created equal: It’s important to implement a true zero trust architecture built on the principle that no user or application is inherently trusted. It starts with validating user identity combined with business policy enforcement based on contextual data to provide users, devices and workloads direct access to applications and resources – never the corporate network. This eliminates the attack surface so threats can’t gain access to the corporate network and move laterally thus improving the security posture.
  2. Zero trust as enabler of transformation and business outcomes: With its increased levels of security, visibility and control, leverage holistic a zero trust-based architecture to remove the complexity from IT operations to allow organizations to focus on gaining improved business outcomes as part of their digital transformation initiatives and remain competitive.
  3. Zero trust for the boardroom: To align with business strategies, CIOs and CISOs should leverage the findings to help dispel fear, uncertainty and doubt around what zero trust means and to promote its full business impact with key decision makers. 
  4. Zero trust-enabled infrastructures as foundation for the future: Emerging technologies need to be looked at as a competitive business advantage and zero trust will support the secure and performant connectivity requirements of emerging trends.

Related posts

Sophos Appoints Torjus Gylstorff as Sophos’ CRO

enterpriseitworld

The ERP revolution is here: Why point solutions might be failing your business

enterpriseitworld

TD SYNNEX to Amplify Global Footprint of eScan

enterpriseitworld
x