If you haven’t adopted a zero trust strategy, what are your reasons for not doing so?
Sort By:
Oldest
Head of IT and Security in Finance (non-banking)2 years ago
Budget restrains. Zero trust will require a big investment in our environment. Encrypted traffic needs to be decrypted to be checked which will need to change the network infrastructure and an ssl offloader. We need to invest in MFA as well.Director in Construction2 years ago
Our issue is twofold. First is that Zero Trust requires a change of the overall architecture strategy of the organization. The current architecture is based around firewalls and segregation of system so moving that to Zero Trust requires a different approach to architecture which involves change. The second is education of architecture teams. Legacy system architects think in terms of networks, IP and ports. Changing their architecture mindset to think instead in terms of users and access is a fundamental shift that is, unfortunately, taking time.I have two wishes for Zero Trust vendors. (1) Train architects in the benefits of thinking about Zero Trust with your solution. If you train the solution architects they will come, and (2) offer solution architecture services as part of your post sales team. Don't make if free (because then their is no perceived value) but instead make solution architecture using your solution a consulting service available to customers attempting to build a Zero Trust direction using your solution.
Director of Information Security in Manufacturing2 years ago
While we agree with the overall concept of Zero Trust, getting the relevant bits and pieces in place has proven to be very difficult, mainly based on a lack of technical expertise with internal resources, and an overall seemingly staggering incremental cost. Where possible, we are keeping the direction in mind when we upgrade individual components (e.g. the IDM, or the firewalls) but right now it does not look like the individual parts will result in a true 'Zero Trust' setup without an additional effort.Director of Information Security Operations in Consumer Goods2 years ago
budget, leadership engagement, too many players selling the same Director, Strategic Security Initiatives in Software2 years ago
Investment, Strategy, Customer, Supporting systems, etc.