Eighty Percent of IT and Security Professionals List Zero Trust as a Priority, According to New Cloud Security Alliance Survey

SEATTLE & SAN FRANCISCO–(BUSINESS WIRE)–RSA Conference— The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing environment, today released the findings of its latest survey, CISO Perspectives and Progress in Deploying Zero Trust. Conducted by the Zero Trust Advancement Center (ZTAC), the exploratory survey polled more than 800 IT and security professionals to determine where Zero Trust falls as a priority within their organization and the top business and technical challenges they have encountered over the course of its implementation.

Among the report’s key findings:

  • 80 percent of C-level executives have Zero Trust as a priority for their organizations
  • 94 percent are in the process of implementing Zero Trust strategies
  • 77 percent are increasing their spend in Zero Trust over the next 12 months

“The philosophy of Zero Trust has the potential to fundamentally reshape our approach to securing the technology we use across the board over the course of the next few years. Arriving at this destination requires greater clarity and a common understanding of Zero Trust principles as well as articulating concise strategies and adopting the appropriate frameworks. This survey is data rich and should be carefully contemplated by the industry to identify the roadblocks and opportunities for pervasive Zero Trust. CSA is aggressively producing valuable research such as this within our Zero Trust Advancement Center to bring the topic in focus for our community,” said Jim Reavis, CEO, Cloud Security Alliance.

The goal of the survey was to shed light on where C-level executives stand in terms of their Zero-Trust strategies, pain points, vendor needs, management requirements/oversight, technical considerations, legacy challenges, adoption rates, and stakeholder involvement. Specifically, respondents were asked to evaluate the:

  • Maturity and level of priority Zero Trust has within their organization
  • Benefits and drivers toward adopting Zero Trust
  • Challenges and barriers to adopting Zero Trust
  • Investments needed to support the Zero Trust strategy

The survey received 823 responses from IT and security professionals, including 219 C-level executives, from various organization sizes and locations. It is the first installment of a multi-part survey that will be conducted this year. Additional activities being undertaken by the ZTAC in the next 18 months include courses in Zero Trust architecture and strategy, a CloudBytes webinar series, several research whitepapers, an annual Zero Trust Summit to be initiated in Q4 2022, and a new professional credential, the Certificate of Zero Trust Knowledge (CZTK).

The Zero Trust Advancement Center builds upon several existing CSA projects, including the groundbreaking Software-Defined Perimeter research seriesCloud Controls MatrixEnterprise Architecture and other related virtualized security models. Organizations can register their interest and participate in the program by navigating to cloudsecurityalliance.org/ZT.