Articles about Zero Trust

Cloudflare has launched new Zero Trust tools in its Cloudflare One platform to help businesses adopt artificial intelligence securely at scale. The features aim to give organizations better visibility into how AI is used, as well as protection from unapproved applications, and controls to safeguard sensitive data, all within a centralized system that can support distributed teams.

Generative AI is now being used by employees across departments, from finance to design, to speed up tasks and create new applications. While this can, and does, help improve efficiency, adoption often happens without security oversight.

Continue reading →

New survey data reveals that 49 percent of organizations with privileged access management report fewer security incidents tied to privilege misuse.

The report from Keeper Security, based on a global survey of 4,000 IT and security leaders in the United States, Europe and Asia, explores the motivations driving PAM adoption, the most common obstacles to deployment and the features enterprises consider essential for securing access in today’s cybersecurity threat landscape.

Continue reading →

A new survey of 1,000 IT, security, and engineering professionals across North America uncovers a fractured landscape of legacy VPNs, slow manual processes, and overlapping tools -- with 99 percent of respondents saying they'd like to redesign their company’s access and networking setup from the ground up.

The study from Tailscale also shows that 83 percent of IT and engineering professionals admit to bypassing security controls in order to get their work done. Also worrying is that 68 percent say they have retained access to internal systems after leaving a previous employer, revealing critical gaps in offboarding and identity lifecycle management.

Continue reading →

New research from Object First shows 81 percent of IT professionals say immutable backup storage built on Zero Trust principles is the best defense against ransomware, and 54 percent view target backup appliances as more secure than integrated appliances.

The report, produced with Informa TechTarget's Enterprise Strategy Group, finds two-thirds of organizations have suffered an attack, and 45 percent experienced multiple attacks. Moreover, 49 percent of affected organizations took up to five business days to recover, and most could not recover all of their data.

Continue reading →

The shift to hybrid working means that managing enterprise networks has become more complicated, but legacy remote access solutions fall short in meeting the needs of supporting both managed and unmanaged users and devices.

Unmanaged users don't want to install heavyweight clients designed for managed use, such as VPN or ZTNA clients. Plus, in the case of contractors or consultants who service multiple customers, it's just not possible or practical to install multiple clients.

Continue reading →

Industry 4.0 is revolutionizing how enterprises need to operate. Integrating cloud technology, robotics, mobile devices and IoT devices is essential to staying ahead in an increasingly competitive global market. To maximize the benefits of Industry 4.0, however, these technologies must always stay connected to a network.

This has become even more true as IT environments grow to massive scales and unprecedented digital dependencies drive business outcomes. In 2025, network downtime could carry a price tag with consequences we’ve never seen before. Therefore, as businesses look to cellular and/or hybrid approaches to enhance their wireless wide area networks (WWAN), they must depend on four things to create resilient connectivity -- artificial intelligence (AI), satellite, network slicing, and a renewed respect for zero-trust principles.  

Continue reading →

Organizations are caught up in a whirlwind of AI adoption, whilst struggling to ensure their security standards can match up. And as the rush to integrate AI into business processes continues into 2025, the time to safeguard its deployment is now.

To-date much of the security discussion around AI has focused on protecting against AI-powered threats. However, an overlooked aspect of AI security lies in the internal workings of AI systems, notably the hidden layers in machine learning models. Understanding the evolving threats to these internal structures is crucial to ensuring the safety and integrity of organizations seeking a security foothold in the current storm of AI adoption.

Continue reading →

The state of high-profile cyber incidents in recent years has highlighted the fact that defenses need to be kept up to date to provide adequate protection.

AI and machine learning have the potential to transform security operations to enhance protection against emerging threats. We spoke to Gurucul CEO Saryu Nayyar to get her view on how protection technologies are evolving and why this is so crucial.

Continue reading →

Despite its promise, the Zero Trust approach to cybersecurity is often more notional than actual in its deployment. Many companies today are far from getting the most of what a truly Zero Trust system can offer. Gartner estimates that only 10 percent of large organizations will have a mature and comprehensive Zero Trust system by 2026. What’s more, continual reliance on human operators means that by default Zero Trust systems can only be as dependable as the people using them. This awkward fact should be kept in view before we put too much faith in systems that are described as ‘Zero Trust’. However, Zero Trust can be made to live up to its name with the addition of new tools that remove the vulnerabilities of the standard approach to using this system.

Zero Trust works by enforcing a blanket rule that all access requests must be authenticated. Unfortunately, the promise of ‘never trust, always verify’ falls apart when human beings enter the picture. Human beings configure the security tools, make judgments where an exception may be needed, and assemble the underlying IT infrastructure. All of that adds up to a lot of trust in human operators and a major caveat for Zero Trust. 

Continue reading →

A new survey, which polled 200 CISOs from companies with annual revenues exceeding $500 million, highlights growing concerns across a number of areas.

The study from Portnox finds worries around the effectiveness of zero trust, the limitations of multi-factor authentication (MFA), and a looming threat to job security amidst an increasingly complex cybersecurity landscape.

Continue reading →

A new zero-trust stealth mode browser is being launched by SlashNext, designed to see through obfuscation techniques commonly used by threat actors, and deliver enhanced protection against phishing and malware.

In recent years, well-intentioned companies offering free services such as CAPTCHA solutions and content delivery networks have inadvertently aided threat actors. For example, Cloudflare's Turnstile Services and similar CAPTCHA solutions are commonly exploited as obfuscation techniques. CAPTCHAs are used to block the crawlers employed by security services from accessing and analyzing phishing sites.

Continue reading →

As network boundaries can no longer be relied on to define the limits of cybersecurity, zero trust has become the overarching framework that now guides enterprise security strategies.

However, Zero Trust Network Access (ZTNA) has its limitations, especially in application security, and this can open up risk for organizations heavily reliant on SaaS systems.

Continue reading →

A new study from Appsbroker CTS finds 79 percent of IT and cybersecurity leaders believe that emerging technologies like GenAI will 'change the game', leaving them unprepared.

In addition 90 percent say the risk and severity of cyberattacks has increased over the past year, while 61 percent believe the attack surface is now 'impossible to control'.

Continue reading →

Cybercriminals are not new, and often neither are their tactics. Despite this, phishing attacks, which incorporate social engineering in emails and messages to persuade people to perform an action that puts organizations at risk, continue to be highly successful. New technologies, such as GenAI, are improving these tactics further and companies must implement a strategic approach built on a solid foundation of identity security to minimize risks.

The most glaring vulnerability within an organization stems from human error. Mistakes such as using weak passwords, reusing credentials across multiple platforms, or falling victim to phishing attacks, can provide malicious actors with an easy gateway into secure systems. Social engineering exploits the natural human inclination to trust, deceive employees into divulging sensitive information or unwittingly granting access. Despite widespread awareness campaigns, these tactics continue to succeed, highlighting the gap between knowledge and practice, which presents a major risk to organizations.

Continue reading →

A new survey of over 1,000 Security and IT leaders across Australia, France, Germany, Singapore, UK, and the USA, shows a decline in detection and response capabilities year-on-year.

The Hybrid Cloud Security Report from Gigamon shows that as hybrid cloud environments grow in complexity and threat actors launch a barrage of concealed attacks, 65 percent of respondents believe their existing security tooling cannot effectively detect breaches.

Continue reading →