New Report Gauges Organizations' Takes on Zero Trust and Deep Worries About Unsafe VPNs

By Alex Passett, Editor  |  August 07, 2023

Zscaler, Inc. has accelerated digital transformations for its clients since 2007. With the support from Zscaler’s teams, its clientele has become more agile, efficient, and secure. This is due largely in part to its cloud-native Zero Trust Exchange platform that protects thousands upon thousands of customers from cyberattacks and data loss by resiliently connecting users, devices and applications in any location with assured safeguards in place.

Zscaler was named a Leader for Security Service Edge (SSE) by Gartner and, since its founding, has secured more than 300 billion total transactions across a customer base that includes 30% of the Forbes Global 2000. This was made possible because Zscaler is well-aware of how critical Zero Trust frameworks are in order to improve protection and reduce and utterly eliminate risk factors.

Last week, Zscaler released the findings of its VPN Risk Report. Produced in junction with Cybersecurity Insiders, the report indicates that a resounding number of today’s organizations are still expressing deep concerns about network security due to risks from not-so-ideal VPNs.

Surveying 382 IT and cybersecurity professionals across multiple industries, here’s your long-story-short breakdown of the report:

  • 88% of companies reported being concerned that VPNs jeopardize their ability to maintain a secure environment.
  • 90% of organizations are apprehensive that attackers will target them through third-party-owned VPNs.
  • User satisfaction remains low; 72% of users expressed frustration due to slow and unreliable VPN connections.

The report further stressed the need for organizations to fully reevaluate their security posture and migrate to a Zero Trust Architecture due to rising threats of cybercriminals exploiting niche or more known VPN vulnerabilities.

“The report shows that 92% of our survey respondents recognize the real importance of adopting a Zero Trust architecture; however, it is concerning to see many organizations are still using a VPN for remote employee and third-party access, inadvertently providing a juicy attack surface for threat actors,” said Deepen Desai, Global CISO and Head of Security Research, Zscaler.

“Legacy firewall and VPN vendors,” Desai continued, “are spinning virtual VPNs in the cloud and claiming that it is Zero Trust, and they go the extra length to hide the word ‘VPN.’ So, customers need to ask the right questions to make sure that they are not getting a false sense of security with these virtualized legacy offerings in the cloud. In order to safeguard against evolving ransomware attacks, it is critical for organizations to prioritize user-to-app segmentation and implement an in-line contextual data loss prevention engine with full TLS inspection.”

Download and peruse the Zscaler VPN Risk Report here.

Edited by Alex Passett
Get stories like this delivered straight to your inbox. [Free eNews Subscription]