Respondents in a late-2023 survey across nine countries cited scaled-up cyber breaches, expanding attack surfaces and tightened regulatory compliance as catalysts

Other key findings

The fourth trend discerned from the global respondents was that 44% of them indicated believing a best-of-breed solution was the most important for a successful ZT implementation (multiple vendors), versus 22% choosing integrated solutions from one to three vendors, and 13% preferring a lowest-cost option. Some 10% cited wanting ZT solutions from a managed security provider, followed by 8% wanting a single vendor. Also:

  1. 46% of respondents (up from 29% in a previous year’s survey on the same topic) cited hackers as the biggest impediment to their ability to protect sensitive and confidential information.
  2. Respondents ranked the importance of certain features in encryption solutions in descending order: management of keys, enforcement of policy, and system performance and latency.
  3. 52% were transferring sensitive and confidential data to public clouds regardless of whether the data was encrypted in any way. Some 28% indicated planning to do so.
  4. 39% of respondents protected data at rest in the cloud using keys generated/managed by the cloud provider, or encryption performed in the cloud using keys generated by their organizations and managed on-premises. Some 23% indicated that encryption was performed on-premises. Also, 22% used keys controlled by their organization (down from 42% in a similar survey in 2022). For this group, the primary strategy for encrypting data at rest in the cloud was the use of a combination of keys controlled by their organization and by the cloud provider, with a preference for keys controlled by their organization, an increase from 19% to 32% in the latest survey. This is followed by only using keys controlled by the cloud provider (24% of respondents).
  5. When asked to rate the importance of cloud encryption features on a scale of 1 (not important) to 5 (most important), the rating for “privileged user access controls” had increased from 3.23 in a 2022 survey to 4.38 in the latest survey. The importance of granular access controls and the ability to encrypt and rekey data while in use without downtime had increased from 3.665 in 2022 to 4.1889 in the latest survey cohort.