“Success is not final, failure is not fatal: It is the courage to continue that counts.”
– Winston Churchill

When it comes to zero trust, teams are finding the courage to continue, based on the latest Security Outcomes Report on Zero Trust: Adoption, Access, And Automation Trends.

Let’s start with some good news. Zero trust security adoption is on the rise.

A large majority of organizations – 86.5% – report starting on some aspect of zero trust – whether implementing multi-factor authentication (MFA), securing remote user access, deploying network segmentation, or enforcing micro-segmentation in cloud workloads.

That’s the good news. The not so good news? Only a tiny sliver of respondents – 2% – claim to have achieved maturity across the zero trust pillars.

That said, more than a third of organizations have reached maturity in at least one zero trust pillar.*

*The zero trust pillars used in the report are a simplified version of (and loosely align to) Cisco’s zero trust security reference architecture as well as CISA’s model. They are: Identity; Device; Network and Workload; and Automation and Orchestration.

The seeds of courage: zero trust aligns with operational excellence

These findings give CISOs and our teams the rationale as well as the courage to continue adopting zero trust security. But how do we engage the rest of the organization to join the initiative?

The answer lies in aligning the outcomes from zero trust programs to the objectives of the organization. Thankfully, we found zero trust improves several outcomes. From adapting to external events to maturing their security capability, organizations with zero trust in place report a double digit increase in excellence at achieving these outcomes than those without zero trust.

Top Three Takeaways

1. The more pillars pursued; the more achievements unlocked. Progress is measured in pillars; the more pillars of zero trust are implemented, the better the outcomes, which supports the idea that zero trust requires a holistic approach to reap measurable benefits.

Key findings:

    • Organizations not yet started on the zero trust journey are twice as likely to report incidents than those completing all zero trust pillars – from 67% to 33%.
    • As organizations add zero trust technologies to their security stack, the percentage of reported incidents drops from 74% to 38%.
    • Moving from completing three pillars to four pillars involves a huge perception jump in terms of whether zero trust is viewed in place: from 53% to over 82%.

2. Order matters: Identity first, then segmentation, then automation and orchestration. The most common question we receive in our Zero Trust Workshops is consistently ‘where do I start?’ The findings from the report suggest that most organizations start by securing user access via multi-factor authentication (MFA), continuous user validation, role-based access control (RBAC), and other identity and access management technologies. The next use cases to follow involve segmenting networks and cloud workloads and setting up automated and orchestrated SOC workflows (e.g., XDR).

Benefits to taking this approach include:

  • Improved incident response. User controls like MFA have the biggest impact on reducing incidents highlighting the value these preventative controls can have on the productivity of SecOps teams. Fewer incidents is good news for all.
  • Reduced risk of ransomware. Organizations completing the Identity pillar were nearly 11% less likely to have a ransomware attack than orgs with no progress on that pillar.

Pro-tip: Check out our on-demand webinar where we cover the five key steps to take when moving from MFA to full zero trust security when securing user access to apps.

3. Automation accelerates zero trust adoption. Automation and Orchestration have taken the lead for how security teams evaluate their zero trust architecture. But while many agree with the need for automation, few have fully realized the benefits. This is the area where maturing programs are focusing on. After all, without the speed to remediation that orchestrated workflows can bring, achieving zero trust security will remain an elusive goal.

Key findings:

  • Organizations who deployed SOAR were 7% more likely to claim zero trust to be in place.
  • Organizations completing the Automation and Orchestration pillar are 14% more likely to be successful at adapting to external change events.

Download the full report to discover more insights about how to continue gaining momentum for your zero trust rollout.

Watch our on-demand webinar to map out your zero trust roadmap for securing user access to devices.

We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Security on social!

Cisco Security Social Channels



J. Wolfgang Goerlich

Advisory CISO

Duo Security