Zero-trust is not a new idea when it comes to cybersecurity, but after a series of high-profile breaches over the past two years, it is all the rage. The concept itself traces its history all the way back to 1994 before the National Cyber Security Centre (NCSC) in the U.K. and the National Institute of Standards and Technology (NIST) in the U.S. raised awareness of the need for IT systems to not trust any device, application, or individual.
Flash forward to 2022 and organizations are just now starting to seriously adopt zero-trust IT architectures. A global survey of 362 security decision-makers conducted by Forrester Consulting on behalf of Illumio, a provider of a platform for micro segmenting networks, finds more than three-quarters of respondents now view zero-trust IT as an important means to combat mounting security threats.
Zero-trust IT presents opportunities for MSPs
However, one-third of respondents said they were in the process of deploying a zero-trust architecture, with only six percent reporting they had completed the effort. The issue, of course, is zero-trust IT is not something an organization can buy. It describes an architecture that requires the seamless integration of an array of cybersecurity tools and platforms.
The challenge most organizations immediately encounter is they lack the internal expertise required to implement a zero-trust IT environment. As a result, the opportunity for managed services providers (MSPs) that have the requisite cybersecurity expertise is nothing short of immense. In fact, two-thirds of the respondents said the percentage of their budgets allocated to creating a zero-trust IT environment will increase in the next year.
The top expected benefits of zero-trust IT architectures cited by survey respondents are increased organizational agility (52 percent), safer cloud migrations (50 percent), and support for digital transformation initiatives (48 percent). Those responses suggest the budget dollars being allocated to zero-trust IT initiatives go way beyond simply improving cybersecurity efficiency.
Historically, most organizations only ever deployed firewalls and endpoint protection software usually in the form of anti-virus software. Since the start of the COVID-19 pandemic, the number of organizations consuming a wider range of security services via the #cloud has steadily increased.
Consumption of cloud-based security technologies on the rise
With IT and cybersecurity teams working from home more often, it became practical for many organizations to subscribe to a cloud service that allows them to remotely manage security.
Many of the point security products that organizations previously needed to integrate themselves are now becoming features of a larger integrated cloud service that is easier to consume. In effect, the amount of integration effort to attain and maintain cybersecurity is substantially less than it was prior to the onslaught of the pandemic.
However, access to technologies is only one element of the cybersecurity equation. People and processes still play a critical role. Given the ongoing chronic short supply of cybersecurity talent, most organizations are not going to be able to attain and maintain zero-trust IT environments on their own. As such, the opportunity for MSPs to play a large cybersecurity role within organizations has never been greater.
Photo: JLStock / Shutterstock