Increased breaches in cybersecurity influencing opinions on Zero Trust strategies: study

Investing in cybersecurity to prevent data breaches favoured over following regulations.

Seven in 10 organisations in Singapore pointed to cyber-risk concerns as the biggest factors in using Zero Trust strategies, with about a third citing cyber breach risk and the expanding attack surface, according to a study by Entrust.

The study showed less than a quarter already have Zero Trust strategies in place, while 52% of the organizations said schemes are underway, ranging from exploration to some implementation. Meanwhile, 28% had yet to start at all.

The report said the city-state’s current priorities for security investments were: reducing complexity and inefficiencies in organisations’ IT security infrastructures; improving visibility into organisation’s applications and network; and reducing risks of data breaches or other security incidents.

“With the rise of costly breaches and AI-generated deepfakes, synthetic identity fraud, ransomware gangs, and cyber warfare, the threat landscape is intensifying at an alarming rate," Samantha Mabey, director of solutions marketing at Entrust, said. “This means that implementing a Zero Trust security practice is an urgent business imperative – and the security of organisations' and their customers’ data, networks, and identities depends on it.”

Senior leadership within companies has also shown strong support for Zero Trust initiatives according to 56% of the respondents. Despite this, firms still struggle with solutions integration (55%), vendor selection (41%), and a lack of expertise in-house (41%).

Nearly half said their top security concerns were hackers exposing sensitive or confidential data; system or process malfunctions; and temporary or contract workers.

The study listed the main challenges of achieving effective credential management to be the absence of clear ownership (51%); shortage of skilled personnel (50%); and inadequate staffing (45%).

The study surveyed 4,052 IT and IT security practitioners across several countries, including Singapore.