Overall cyber losses could have potentially been reduced by up to 31% if the organisations had widely deployed zero trust security, finds a report published by Zscaler.
This analysis was done using the Marsh McLennan Cyber Risk Intelligence Center’s proprietary cyber losses dataset from the past eight-years, which collates cyber incidents from past claims. This totals up to a projected reduction of up to $465 billion in global annual total economic losses.
The analysis reflected that North America experienced significantly more cyber incidents than the rest of the world during the past eight-year period, experiencing almost four times the amount of European cyber incidents. However, of the total incidents encompassed by the study, the percentage of attacks that potentially could have been mitigated by zero trust was greater internationally, with 41% of European events assessed as potentially preventable through zero trust architecture compared to 31% of events in North America.
“Being able to quantify the cost associated with the lack of zero trust implementation has not been previously investigated. The figure demonstrates the value and benefit of such controls, and highlights the potential benefits of greater cyber hygiene across industries,” said Scott Stransky, Managing Director and Head of the Marsh McLennan Cyber Risk Intelligence Center.
The report highlighted that the rise in ransomware incidents, which increased 126% in a single year, has elevated the proportion of events that zero trust could have mitigated globally. From a size perspective, companies with over $1 billion in annual revenue stood to benefit the most from zero trust implementation, with 60% of attacks being deemed mitigable.
“This report underscores the importance of recognizing Zero Trust as a fundamental cybersecurity control that fortifies cyber hygiene,” added Stephen Singh, Global Vice President, M&A/Divestiture and Cyber Risk, Zscaler. “With the external attack surface identified as a key predictor of potential breaches, adopting Zero Trust and phasing out outdated, high-risk technologies such as firewalls and VPNs, shows a dramatic reduction in risk exposure.”
Zero trust significantly increases the security of enterprise IT infrastructure and limits the ability for attackers to cause widespread and costly damage, by requiring continuous verification of every user, application, and device accessing an enterprise.
Some Zscaler customers are already receiving more favourable policies when partnering with cyber insurance underwriters, using Zscaler to accurately quantify business risk. Risk360, a part of the Zscaler Zero Trust Exchange security platform, is a cyber risk quantification service that streamlines cyber insurance applications and renewals.
Built on Zscaler’s powerful Data Fabric for Security, Risk 360 provides organisations with a comprehensive and accurate cyber risk profile. With more than 50 million devices using Zscaler agents to collect and share telemetry, the platform provides in-depth visibility across an IT estate, allowing customers to share their zero trust adoption during the underwriting process.
There’s plenty of other editorial on our sister site, Electronic Specifier! Or you can always join in the conversation by commenting below or visiting our LinkedIn page.
