SlideShare a Scribd company logo

Opportunity Snapshot - Build Your Zero Trust Security Strategy With Microsegmentation (Forrester, sep 2018).pdf

H
havoc2003

In May 2018, Unisys commissioned Forrester Consulting to conduct a custom survey of 164 IT professionals in North America to explore the security challenges they face as they seek to digitally transform, the progress they’ve made toward adopting a Zero Trust security architecture, and the benefits they expect from network microsegmentation.

Technology
1 of 11
Download to read offline
FORRESTER.COM GET STARTED Forrester Opportunity Snapshot: A Custom Study Commissioned By Unisys | September 2018 Build Your Zero Trust Security Strategy With Microsegmentation Why Digital Businesses Need A Granular Network Segmentation Approach
FORRESTER.COM OVERVIEW SITUATION APPROACH OPPORTUNITY CONCLUSIONS Forrester Opportunity Snapshot: A Custom Study Commissioned By Unisys | September 2018 Build Your Zero Trust Security Strategy With Microsegmentation Overview The idea of a secure network perimeter is dead. As companies rapidly scale their digital capabilities to deliver better customer experiences and operational efficiencies, they also become substantially more vulnerable to cyberattacks. Digital transformation necessitates an evolution of their security approaches to one that can manage threats in a complex and expanding technology landscape. In May 2018, Unisys commissioned Forrester Consulting to conduct a custom survey of 164 IT professionals in North America to explore the security challenges they face as they seek to digitally transform, the progress they’ve made toward adopting a Zero Trust security architecture, and the benefits they expect from network microsegmentation. Country › 71% - United States › 29% - Canada Number of employees › 54% - 1,000 to 4,999 › 31% - 5,000 to 19,999 › 15% - 20,000 or more Seniority › 29% - C-level or VP › 41% - Director › 30% - Manager
FORRESTER.COM OVERVIEW SITUATION APPROACH OPPORTUNITY CONCLUSIONS Organizations Are Embracing Digital Transformation The need to satisfy customers’ heightened expectations has propelled companies to digitally transform their internal processes and customer interactions. To support this effort, they are investing aggressively in new technologies that drive innovation and efficiency. They have adopted: analytics to turn data into insight for improved decision making; cloud services to augment connectivity, speed, and scalability; internet of things (IoT) to digitize physical products and optimize operations through improved monitoring; mobile applications and devices to delight customers in their moments of need and connect an untethered workforce; and artificial intelligence (AI) to better anticipate and deliver personalized customer interactions. While these initiatives are essential, they also raise the requirements for security and privacy — their No. 1 digital transformation technology investment area. 1 2 Digital businesses continuously create and exploit digital assets to deliver new sources of customer value and increase operational agility. Forrester Opportunity Snapshot: A Custom Study Commissioned By Unisys | September 2018 Build Your Zero Trust Security Strategy With Microsegmentation 3
FORRESTER.COM OVERVIEW SITUATION APPROACH OPPORTUNITY CONCLUSIONS 1 2 Digital Transformation Raises The Security Bar As they implement new cloud services, devices, partners, bring-your- own-device policies, and customer engagement models, digital businesses find themselves in a new technology landscape. Their ecosystem is now more diverse, interconnected, and vulnerable. Eighty percent agree that digital transformation has expanded the cyberattack surface — so much so that the security perimeter is difficult to define. To protect their data and information assets, companies must now find ways to consistently apply end-to-end security policies in a diverse landscape and safeguard sensitive information throughout the digital supply chain.1 The need to scale security practices to the fast rate of digital transformation change complicates this endeavor. As companies digitize their businesses, they face new threats across a wide and diverse technology landscape. Forrester Opportunity Snapshot: A Custom Study Commissioned By Unisys | September 2018 Build Your Zero Trust Security Strategy With Microsegmentation 3
FORRESTER.COM OVERVIEW SITUATION APPROACH OPPORTUNITY CONCLUSIONS 1 2 The Network Perimeter Is No Longer Defensible Organizations have historically focused on securing the network perimeter. In this model, traffic inside the perimeter is classified as safe, and traffic outside of it is deemed unsafe. However, today’s digital ecosystem has rendered this approach obsolete. Attacks that originate within companies — where controls are weaker — are often the culprits of myriad security failures. The network perimeter offers little protection. Once inside the company, threats can spread unabated. Given that most respondents say the perimeter is difficult to define, it’s no surprise that 58% also believe it is indefensible. Put simply, there is no perimeter; companies must update their thinking and defensive strategies accordingly. Thankfully, decision makers recognize the need for change: 84% agree that they must adjust traditional perimeter-based security strategies. Digital businesses need an inside-out security approach. Forrester Opportunity Snapshot: A Custom Study Commissioned By Unisys | September 2018 Build Your Zero Trust Security Strategy With Microsegmentation 3
FORRESTER.COM OVERVIEW SITUATION APPROACH OPPORTUNITY CONCLUSIONS 1 3 2 Zero Trust Affords Digital Businesses Operational Agility While Containing Risk Companies cannot afford to trust internal network traffic as legitimate, nor can they trust employees and partners to always be well-meaning and careful with systems and data.2 To manage the complexities of their environment without constraining their digital transformation ambitions, many companies are moving toward a Zero Trust (ZT) security model — a more identity- and data-centric approach based on network segmentation, data obfuscation, security analytics, and automation that never assumes trust. ZT allows security and privacy protections to travel with the data itself — across hosting models, locations, devices, and third parties. It also applies the appropriate access rights based on the user’s identity.3 This allows companies to adapt to an evolving threat landscape quickly and effectively.4 While just 7% of those surveyed have applied all aspects of ZT, 84% have already adopted, plan to adopt, or have interest in adopting one or more pieces of the model. Forrester Opportunity Snapshot: A Custom Study Commissioned By Unisys | September 2018 Build Your Zero Trust Security Strategy With Microsegmentation
FORRESTER.COM OVERVIEW SITUATION APPROACH OPPORTUNITY CONCLUSIONS 1 3 2 Microsegmentation Is A Key Piece Of Any Zero Trust Network To successfully promote a ZT architectural model, security teams will need improved isolation of environments and infrastructures in the form of microsegmentation. Microsegmentation divides a network at a granular level, allowing organizations to tailor security settings to different types of traffic and create policies that limit network and application flows to those that are explicitly permitted. It allows security teams the flexibility to apply the right level of protection to a given workload based on sensitivity and value to the business.5 Over 75% of respondents agree that various aspects of their digital transformation technology programs necessitate microsegmentation. AI, IoT, and network-enabled device technologies top the list of technologies in need of microsegmentation, as they introduce a massive area of potential compromise through device and data proliferation. Over 75% agree that their digital transformation technology programs necessitate microsegment-level protection. Forrester Opportunity Snapshot: A Custom Study Commissioned By Unisys | September 2018 Build Your Zero Trust Security Strategy With Microsegmentation
FORRESTER.COM OVERVIEW SITUATION APPROACH OPPORTUNITY CONCLUSIONS 1 3 2 “How important is the centralization of your workstation assets to securing your intellectual property?” Network Microsegmentation Is Gaining Momentum In today’s technology environment, security teams must be able to isolate, secure, and control traffic on the network at all times — and do so at the micro level. Unfortunately, this is not the standard. While decision makers recognize the value of microsegmentation, only 26% already have it in place today. However, our research suggests that its popularity will soon spread: 22% have plans to implement microsegmentation in the next 12 months, and another 32% express interest. While microsegmentation is not new concept, traditional approaches have relied on building microperimeters by installing more firewalls. In fact, among the 26% who have adopted microsegmentation in our study, most say (64%) they use firewalls for all or part of their strategy. New microsegmentation approaches — including ones that are software-defined and offer embedded encryption capabilities — can ease infrastructure complexity. Forrester Opportunity Snapshot: A Custom Study Commissioned By Unisys | September 2018 Build Your Zero Trust Security Strategy With Microsegmentation Eighty-two percent describe access to a security solution that can encrypt data-in-motion as important to improving their security posture.
FORRESTER.COM OVERVIEW SITUATION APPROACH OPPORTUNITY CONCLUSIONS 1 2 “How are the following enterprise computing workloads changing at your organization?” Microsegmentation Delivers On Strategic Benefits Respondents whose companies have already adopted microsegmentation cite a long list of benefits — benefits that are consistent with Forrester’s ZT research. Most of all, they view it as valuable to improving their security posture (65%). Microsegmentation improves visibility and control at a granular level, allowing companies to better contain threats while minimizing disruption (i.e., locate and quarantine the affected person or group without shutting down an entire site). Operational benefits — including improved performance, easier segmentation of the network, and improved agility — also top the list. Finally, many consider microsegmentation helpful for protecting critical information assets and meeting compliance standards. The ability to shield intellectual property and sensitive customer data from falling into the wrong hands is a critical requirement for companies that compete on their ability to deliver personalized experiences without violating customer privacy and trust. Even those companies that have not yet adopted microsegmentation find value: 98% associate one or more benefits with the approach. Forrester Opportunity Snapshot: A Custom Study Commissioned By Unisys | September 2018 Build Your Zero Trust Security Strategy With Microsegmentation
FORRESTER.COM OVERVIEW SITUATION APPROACH OPPORTUNITY CONCLUSIONS 1 2 Zero Trust Requires A Comprehensive Suite Of Tools Combined With Strategy Digital businesses need security technology partners that offer a range of capabilities that: 1) are easy to use and integrate; 2) improve their network visibility; and 3) support the ZT model. They place especially high value on partner solutions that can apply security controls across environments uniformly and quickly, with features that allow them to modify settings as circumstances change. Eighty-eight percent also say that it’s important for them to be able to base security on user identity — a key tenet of ZT. Support for controlling industrial control systems (ICS) and operational technology (OT) is also vital. Because these machines often run on proprietary software and are geographically dispersed, they can be difficult to update and secure. Disruptions to these technologies — which are critical to controlling any number of core functions, like factory automation, patient machines, and production processes — can result in significant profit loss, security threats, and even physical damage or harm.6 For this reason, 82% say their ability to secure these technologies is “important” or “very important” to improving their security posture. Forrester Opportunity Snapshot: A Custom Study Commissioned By Unisys | September 2018 Build Your Zero Trust Security Strategy With Microsegmentation
FORRESTER.COM OVERVIEW SITUATION APPROACH OPPORTUNITY CONCLUSIONS Conclusion While the digitization of products, services, and operations will be necessary to deliver on the experience expectations of demanding customers, it also increases organizations’ security risk. Perimeter-based security approaches are no longer sufficient. Companies need sophisticated capabilities that support a ZT security architecture — a more data- and identity-centric security approach built on focused network segmentation. Solutions that help firms secure their network at the microsegment level can help companies promote ZT principles and realize key benefits, including an improved ability to protect critical data assets in an evolving landscape; greater network visibility and control; and operational agility. Forrester Opportunity Snapshot: A Custom Study Commissioned By Unisys | September 2018 Build Your Zero Trust Security Strategy With Microsegmentation ABOUT FORRESTER CONSULTING Forrester Consulting provides independent and objective research-based consulting to help leaders succeed in their organizations. Ranging in scope from a short strategy session to custom projects, Forrester’s Consulting services connect you directly with research analysts who apply expert insight to your specific business challenges. For more information, visit forrester.com/consulting. © 2018, Forrester Research, Inc. All rights reserved. Unauthorized reproduction is strictly prohibited. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change. Forrester®, Technographics®, Forrester Wave, RoleView, TechRadar, and Total Economic Impact are trademarks of Forrester Research, Inc. All other trademarks are the property of their respective companies. For additional information, go to forrester.com. [A-158802] METHODOLOGY This Opportunity Snapshot was commissioned by Unisys. To create this Snapshot, Forrester conducted a custom survey of 164 IT professionals in North America with responsibility for their organizations’ network security and technology decisions. To qualify for the study, respondents had to work at companies with at least 1,000 employees. Project Director: Sophia Christakis, Market Impact Consultant Contributing Research: Forrester’s Security & Risk research group Endnotes 1 Source: “Future-Proof Your Digital Business With Zero Trust Security,” Forrester Research, Inc., March 28, 2018. 2 Ibid. 3 Ibid. 4 Source: “The State Of IoT Security 2018,” Forrester Research, Inc., January 9, 2018. 5 Source: “The Forrester Tech TideTM: Zero Trust Threat Prevention, Q3 2018,” Forrester Research, Inc., July 12, 2018. 6 Source: “Protecting Industrial Control Systems And Critical Infrastructure From Attack,” Forrester Research, Inc., April 19, 2018.

Recommended

NICE CXone Attendant Data Sheet (mar 2022).pdf
NICE CXone Attendant Data Sheet (mar 2022).pdfNICE CXone Attendant Data Sheet (mar 2022).pdf
NICE CXone Attendant Data Sheet (mar 2022).pdfhavoc2003
 
documen.site_sd08 2.pdf
documen.site_sd08 2.pdfdocumen.site_sd08 2.pdf
documen.site_sd08 2.pdfhavoc2003
 
Azure Synapse Data Lakehouse - Customer Presentation (Oquila, jan 2022).pdf
Azure Synapse Data Lakehouse - Customer Presentation (Oquila, jan 2022).pdfAzure Synapse Data Lakehouse - Customer Presentation (Oquila, jan 2022).pdf
Azure Synapse Data Lakehouse - Customer Presentation (Oquila, jan 2022).pdfhavoc2003
 
Qlik-Sense-Product-Presentation.compressed.pdf
Qlik-Sense-Product-Presentation.compressed.pdfQlik-Sense-Product-Presentation.compressed.pdf
Qlik-Sense-Product-Presentation.compressed.pdfhavoc2003
 
presentation-efficacy-effectiveness-models_en.pdf
presentation-efficacy-effectiveness-models_en.pdfpresentation-efficacy-effectiveness-models_en.pdf
presentation-efficacy-effectiveness-models_en.pdfhavoc2003
 
Predictions-2023-Europe.pdf
Predictions-2023-Europe.pdfPredictions-2023-Europe.pdf
Predictions-2023-Europe.pdfhavoc2003
 
The Acord Framework - An Insurance Enterprise Architecture (2011).pdf
The Acord Framework - An Insurance Enterprise Architecture (2011).pdfThe Acord Framework - An Insurance Enterprise Architecture (2011).pdf
The Acord Framework - An Insurance Enterprise Architecture (2011).pdfhavoc2003
 
Opportunity Snapshot - Accelerating Digital Transformation With Technology (F...
Opportunity Snapshot - Accelerating Digital Transformation With Technology (F...Opportunity Snapshot - Accelerating Digital Transformation With Technology (F...
Opportunity Snapshot - Accelerating Digital Transformation With Technology (F...havoc2003
 

Recommended

NICE CXone Attendant Data Sheet (mar 2022).pdf
NICE CXone Attendant Data Sheet (mar 2022).pdfNICE CXone Attendant Data Sheet (mar 2022).pdf
NICE CXone Attendant Data Sheet (mar 2022).pdfhavoc2003
 
documen.site_sd08 2.pdf
documen.site_sd08 2.pdfdocumen.site_sd08 2.pdf
documen.site_sd08 2.pdfhavoc2003
 
Azure Synapse Data Lakehouse - Customer Presentation (Oquila, jan 2022).pdf
Azure Synapse Data Lakehouse - Customer Presentation (Oquila, jan 2022).pdfAzure Synapse Data Lakehouse - Customer Presentation (Oquila, jan 2022).pdf
Azure Synapse Data Lakehouse - Customer Presentation (Oquila, jan 2022).pdfhavoc2003
 
Qlik-Sense-Product-Presentation.compressed.pdf
Qlik-Sense-Product-Presentation.compressed.pdfQlik-Sense-Product-Presentation.compressed.pdf
Qlik-Sense-Product-Presentation.compressed.pdfhavoc2003
 
presentation-efficacy-effectiveness-models_en.pdf
presentation-efficacy-effectiveness-models_en.pdfpresentation-efficacy-effectiveness-models_en.pdf
presentation-efficacy-effectiveness-models_en.pdfhavoc2003
 
Predictions-2023-Europe.pdf
Predictions-2023-Europe.pdfPredictions-2023-Europe.pdf
Predictions-2023-Europe.pdfhavoc2003
 
The Acord Framework - An Insurance Enterprise Architecture (2011).pdf
The Acord Framework - An Insurance Enterprise Architecture (2011).pdfThe Acord Framework - An Insurance Enterprise Architecture (2011).pdf
The Acord Framework - An Insurance Enterprise Architecture (2011).pdfhavoc2003
 
Opportunity Snapshot - Accelerating Digital Transformation With Technology (F...
Opportunity Snapshot - Accelerating Digital Transformation With Technology (F...Opportunity Snapshot - Accelerating Digital Transformation With Technology (F...
Opportunity Snapshot - Accelerating Digital Transformation With Technology (F...havoc2003
 
2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by HubspotMarius Sescu
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTExpeed Software
 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsPixeldarts
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthThinkNow
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfmarketingartwork
 
Skeleton Culture Code
Skeleton Culture CodeSkeleton Culture Code
Skeleton Culture CodeSkeleton Technologies
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024Neil Kimberley
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)contently
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024Albert Qian
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsKurio // The Social Media Age(ncy)
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Search Engine Journal
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summarySpeakerHub
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next Tessa Mero
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentLily Ray
 
How to have difficult conversations
How to have difficult conversations How to have difficult conversations
How to have difficult conversations Rajiv Jayarajah, MAppComm, ACC
 
Introduction to Data Science
Introduction to Data ScienceIntroduction to Data Science
Introduction to Data ScienceChristy Abraham Joy
 
Time Management & Productivity - Best Practices
Time Management & Productivity - Best PracticesTime Management & Productivity - Best Practices
Time Management & Productivity - Best PracticesVit Horky
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project managementMindGenius
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...RachelPearson36
 

More Related Content

Featured

2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by HubspotMarius Sescu
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTExpeed Software
 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsPixeldarts
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthThinkNow
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfmarketingartwork
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024Neil Kimberley
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)contently
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024Albert Qian
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsKurio // The Social Media Age(ncy)
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Search Engine Journal
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summarySpeakerHub
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next Tessa Mero
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentLily Ray
 
Time Management & Productivity - Best Practices
Time Management & Productivity - Best PracticesTime Management & Productivity - Best Practices
Time Management & Productivity - Best PracticesVit Horky
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project managementMindGenius
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...RachelPearson36
 

Featured (20)

2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage Engineerings
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
 
Skeleton Culture Code
Skeleton Culture CodeSkeleton Culture Code
Skeleton Culture Code
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
 
How to have difficult conversations
How to have difficult conversations How to have difficult conversations
How to have difficult conversations
 
Introduction to Data Science
Introduction to Data ScienceIntroduction to Data Science
Introduction to Data Science
 
Time Management & Productivity - Best Practices
Time Management & Productivity - Best PracticesTime Management & Productivity - Best Practices
Time Management & Productivity - Best Practices
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project management
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
 

Opportunity Snapshot - Build Your Zero Trust Security Strategy With Microsegmentation (Forrester, sep 2018).pdf

  • 1. FORRESTER.COM GET STARTED Forrester Opportunity Snapshot: A Custom Study Commissioned By Unisys | September 2018 Build Your Zero Trust Security Strategy With Microsegmentation Why Digital Businesses Need A Granular Network Segmentation Approach
  • 2. FORRESTER.COM OVERVIEW SITUATION APPROACH OPPORTUNITY CONCLUSIONS Forrester Opportunity Snapshot: A Custom Study Commissioned By Unisys | September 2018 Build Your Zero Trust Security Strategy With Microsegmentation Overview The idea of a secure network perimeter is dead. As companies rapidly scale their digital capabilities to deliver better customer experiences and operational efficiencies, they also become substantially more vulnerable to cyberattacks. Digital transformation necessitates an evolution of their security approaches to one that can manage threats in a complex and expanding technology landscape. In May 2018, Unisys commissioned Forrester Consulting to conduct a custom survey of 164 IT professionals in North America to explore the security challenges they face as they seek to digitally transform, the progress they’ve made toward adopting a Zero Trust security architecture, and the benefits they expect from network microsegmentation. Country › 71% - United States › 29% - Canada Number of employees › 54% - 1,000 to 4,999 › 31% - 5,000 to 19,999 › 15% - 20,000 or more Seniority › 29% - C-level or VP › 41% - Director › 30% - Manager
  • 3. FORRESTER.COM OVERVIEW SITUATION APPROACH OPPORTUNITY CONCLUSIONS Organizations Are Embracing Digital Transformation The need to satisfy customers’ heightened expectations has propelled companies to digitally transform their internal processes and customer interactions. To support this effort, they are investing aggressively in new technologies that drive innovation and efficiency. They have adopted: analytics to turn data into insight for improved decision making; cloud services to augment connectivity, speed, and scalability; internet of things (IoT) to digitize physical products and optimize operations through improved monitoring; mobile applications and devices to delight customers in their moments of need and connect an untethered workforce; and artificial intelligence (AI) to better anticipate and deliver personalized customer interactions. While these initiatives are essential, they also raise the requirements for security and privacy — their No. 1 digital transformation technology investment area. 1 2 Digital businesses continuously create and exploit digital assets to deliver new sources of customer value and increase operational agility. Forrester Opportunity Snapshot: A Custom Study Commissioned By Unisys | September 2018 Build Your Zero Trust Security Strategy With Microsegmentation 3
  • 4. FORRESTER.COM OVERVIEW SITUATION APPROACH OPPORTUNITY CONCLUSIONS 1 2 Digital Transformation Raises The Security Bar As they implement new cloud services, devices, partners, bring-your- own-device policies, and customer engagement models, digital businesses find themselves in a new technology landscape. Their ecosystem is now more diverse, interconnected, and vulnerable. Eighty percent agree that digital transformation has expanded the cyberattack surface — so much so that the security perimeter is difficult to define. To protect their data and information assets, companies must now find ways to consistently apply end-to-end security policies in a diverse landscape and safeguard sensitive information throughout the digital supply chain.1 The need to scale security practices to the fast rate of digital transformation change complicates this endeavor. As companies digitize their businesses, they face new threats across a wide and diverse technology landscape. Forrester Opportunity Snapshot: A Custom Study Commissioned By Unisys | September 2018 Build Your Zero Trust Security Strategy With Microsegmentation 3
  • 5. FORRESTER.COM OVERVIEW SITUATION APPROACH OPPORTUNITY CONCLUSIONS 1 2 The Network Perimeter Is No Longer Defensible Organizations have historically focused on securing the network perimeter. In this model, traffic inside the perimeter is classified as safe, and traffic outside of it is deemed unsafe. However, today’s digital ecosystem has rendered this approach obsolete. Attacks that originate within companies — where controls are weaker — are often the culprits of myriad security failures. The network perimeter offers little protection. Once inside the company, threats can spread unabated. Given that most respondents say the perimeter is difficult to define, it’s no surprise that 58% also believe it is indefensible. Put simply, there is no perimeter; companies must update their thinking and defensive strategies accordingly. Thankfully, decision makers recognize the need for change: 84% agree that they must adjust traditional perimeter-based security strategies. Digital businesses need an inside-out security approach. Forrester Opportunity Snapshot: A Custom Study Commissioned By Unisys | September 2018 Build Your Zero Trust Security Strategy With Microsegmentation 3
  • 6. FORRESTER.COM OVERVIEW SITUATION APPROACH OPPORTUNITY CONCLUSIONS 1 3 2 Zero Trust Affords Digital Businesses Operational Agility While Containing Risk Companies cannot afford to trust internal network traffic as legitimate, nor can they trust employees and partners to always be well-meaning and careful with systems and data.2 To manage the complexities of their environment without constraining their digital transformation ambitions, many companies are moving toward a Zero Trust (ZT) security model — a more identity- and data-centric approach based on network segmentation, data obfuscation, security analytics, and automation that never assumes trust. ZT allows security and privacy protections to travel with the data itself — across hosting models, locations, devices, and third parties. It also applies the appropriate access rights based on the user’s identity.3 This allows companies to adapt to an evolving threat landscape quickly and effectively.4 While just 7% of those surveyed have applied all aspects of ZT, 84% have already adopted, plan to adopt, or have interest in adopting one or more pieces of the model. Forrester Opportunity Snapshot: A Custom Study Commissioned By Unisys | September 2018 Build Your Zero Trust Security Strategy With Microsegmentation
  • 7. FORRESTER.COM OVERVIEW SITUATION APPROACH OPPORTUNITY CONCLUSIONS 1 3 2 Microsegmentation Is A Key Piece Of Any Zero Trust Network To successfully promote a ZT architectural model, security teams will need improved isolation of environments and infrastructures in the form of microsegmentation. Microsegmentation divides a network at a granular level, allowing organizations to tailor security settings to different types of traffic and create policies that limit network and application flows to those that are explicitly permitted. It allows security teams the flexibility to apply the right level of protection to a given workload based on sensitivity and value to the business.5 Over 75% of respondents agree that various aspects of their digital transformation technology programs necessitate microsegmentation. AI, IoT, and network-enabled device technologies top the list of technologies in need of microsegmentation, as they introduce a massive area of potential compromise through device and data proliferation. Over 75% agree that their digital transformation technology programs necessitate microsegment-level protection. Forrester Opportunity Snapshot: A Custom Study Commissioned By Unisys | September 2018 Build Your Zero Trust Security Strategy With Microsegmentation
  • 8. FORRESTER.COM OVERVIEW SITUATION APPROACH OPPORTUNITY CONCLUSIONS 1 3 2 “How important is the centralization of your workstation assets to securing your intellectual property?” Network Microsegmentation Is Gaining Momentum In today’s technology environment, security teams must be able to isolate, secure, and control traffic on the network at all times — and do so at the micro level. Unfortunately, this is not the standard. While decision makers recognize the value of microsegmentation, only 26% already have it in place today. However, our research suggests that its popularity will soon spread: 22% have plans to implement microsegmentation in the next 12 months, and another 32% express interest. While microsegmentation is not new concept, traditional approaches have relied on building microperimeters by installing more firewalls. In fact, among the 26% who have adopted microsegmentation in our study, most say (64%) they use firewalls for all or part of their strategy. New microsegmentation approaches — including ones that are software-defined and offer embedded encryption capabilities — can ease infrastructure complexity. Forrester Opportunity Snapshot: A Custom Study Commissioned By Unisys | September 2018 Build Your Zero Trust Security Strategy With Microsegmentation Eighty-two percent describe access to a security solution that can encrypt data-in-motion as important to improving their security posture.
  • 9. FORRESTER.COM OVERVIEW SITUATION APPROACH OPPORTUNITY CONCLUSIONS 1 2 “How are the following enterprise computing workloads changing at your organization?” Microsegmentation Delivers On Strategic Benefits Respondents whose companies have already adopted microsegmentation cite a long list of benefits — benefits that are consistent with Forrester’s ZT research. Most of all, they view it as valuable to improving their security posture (65%). Microsegmentation improves visibility and control at a granular level, allowing companies to better contain threats while minimizing disruption (i.e., locate and quarantine the affected person or group without shutting down an entire site). Operational benefits — including improved performance, easier segmentation of the network, and improved agility — also top the list. Finally, many consider microsegmentation helpful for protecting critical information assets and meeting compliance standards. The ability to shield intellectual property and sensitive customer data from falling into the wrong hands is a critical requirement for companies that compete on their ability to deliver personalized experiences without violating customer privacy and trust. Even those companies that have not yet adopted microsegmentation find value: 98% associate one or more benefits with the approach. Forrester Opportunity Snapshot: A Custom Study Commissioned By Unisys | September 2018 Build Your Zero Trust Security Strategy With Microsegmentation
  • 10. FORRESTER.COM OVERVIEW SITUATION APPROACH OPPORTUNITY CONCLUSIONS 1 2 Zero Trust Requires A Comprehensive Suite Of Tools Combined With Strategy Digital businesses need security technology partners that offer a range of capabilities that: 1) are easy to use and integrate; 2) improve their network visibility; and 3) support the ZT model. They place especially high value on partner solutions that can apply security controls across environments uniformly and quickly, with features that allow them to modify settings as circumstances change. Eighty-eight percent also say that it’s important for them to be able to base security on user identity — a key tenet of ZT. Support for controlling industrial control systems (ICS) and operational technology (OT) is also vital. Because these machines often run on proprietary software and are geographically dispersed, they can be difficult to update and secure. Disruptions to these technologies — which are critical to controlling any number of core functions, like factory automation, patient machines, and production processes — can result in significant profit loss, security threats, and even physical damage or harm.6 For this reason, 82% say their ability to secure these technologies is “important” or “very important” to improving their security posture. Forrester Opportunity Snapshot: A Custom Study Commissioned By Unisys | September 2018 Build Your Zero Trust Security Strategy With Microsegmentation
  • 11. FORRESTER.COM OVERVIEW SITUATION APPROACH OPPORTUNITY CONCLUSIONS Conclusion While the digitization of products, services, and operations will be necessary to deliver on the experience expectations of demanding customers, it also increases organizations’ security risk. Perimeter-based security approaches are no longer sufficient. Companies need sophisticated capabilities that support a ZT security architecture — a more data- and identity-centric security approach built on focused network segmentation. Solutions that help firms secure their network at the microsegment level can help companies promote ZT principles and realize key benefits, including an improved ability to protect critical data assets in an evolving landscape; greater network visibility and control; and operational agility. Forrester Opportunity Snapshot: A Custom Study Commissioned By Unisys | September 2018 Build Your Zero Trust Security Strategy With Microsegmentation ABOUT FORRESTER CONSULTING Forrester Consulting provides independent and objective research-based consulting to help leaders succeed in their organizations. Ranging in scope from a short strategy session to custom projects, Forrester’s Consulting services connect you directly with research analysts who apply expert insight to your specific business challenges. For more information, visit forrester.com/consulting. © 2018, Forrester Research, Inc. All rights reserved. Unauthorized reproduction is strictly prohibited. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change. Forrester®, Technographics®, Forrester Wave, RoleView, TechRadar, and Total Economic Impact are trademarks of Forrester Research, Inc. All other trademarks are the property of their respective companies. For additional information, go to forrester.com. [A-158802] METHODOLOGY This Opportunity Snapshot was commissioned by Unisys. To create this Snapshot, Forrester conducted a custom survey of 164 IT professionals in North America with responsibility for their organizations’ network security and technology decisions. To qualify for the study, respondents had to work at companies with at least 1,000 employees. Project Director: Sophia Christakis, Market Impact Consultant Contributing Research: Forrester’s Security & Risk research group Endnotes 1 Source: “Future-Proof Your Digital Business With Zero Trust Security,” Forrester Research, Inc., March 28, 2018. 2 Ibid. 3 Ibid. 4 Source: “The State Of IoT Security 2018,” Forrester Research, Inc., January 9, 2018. 5 Source: “The Forrester Tech TideTM: Zero Trust Threat Prevention, Q3 2018,” Forrester Research, Inc., July 12, 2018. 6 Source: “Protecting Industrial Control Systems And Critical Infrastructure From Attack,” Forrester Research, Inc., April 19, 2018.