Tuesday , June 3 2025
Zero trust

CISCO report
Globally, 9 in 10 organizations embraced zero-trust security

Nearly 90% of organizations have started adopting zero-trust security, but there is still a lot of work to be done, says a report from CISCO.

86.5% of global information security professionals have begun implementing parts of the zero-trust security model. However, only 2% have completed their deployments.

Qualcomm Patches 3 Zero-Days Used in Targeted Android Attacks

Qualcomm has issued security patches for three zero-day vulnerabilities in the Adreno GPU driver, affecting many chipsets that are being...
Read More
Qualcomm Patches 3 Zero-Days Used in Targeted Android Attacks

Critical RCE Flaw Patched in Roundcube Webmail

Roundcube Webmail has fixed a critical security flaw that could enable remote code execution after authentication. Disclosed by security researcher...
Read More
Critical RCE Flaw Patched in Roundcube Webmail

Hacker claim Leak of Deloitte Source Code & GitHub Credentials

A hacker known as "303" claim to breach the company's systems and leaked sensitive internal data on a dark web...
Read More
Hacker claim Leak of Deloitte Source Code & GitHub Credentials

CISA Issued Guidance for SIEM and SOAR Implementation

CISA and ACSC issued new guidance this week on how to procure, implement, and maintain SIEM and SOAR platforms. SIEM...
Read More
CISA Issued Guidance for SIEM and SOAR Implementation

Linux flaws enable password hash theft via core dumps in Ubuntu, RHEL, Fedora

The Qualys Threat Research Unit (TRU) found two local information-disclosure vulnerabilities in Apport and systemd-coredump. Both issues are race-condition vulnerabilities....
Read More
Linux flaws enable password hash theft via core dumps in Ubuntu, RHEL, Fedora

Australia enacts mandatory ransomware payment reporting

New ransomware payment reporting rules take effect in Australia yesterday (May 30) for all organisations with an annual turnover of...
Read More
Australia enacts mandatory ransomware payment reporting

Why Govt Demands Foreign CCTV Firms to Submit Source Code?

Global makers of surveillance gear have clashed with Indian regulators in recent weeks over contentious new security rules that require...
Read More
Why Govt Demands Foreign CCTV Firms to Submit Source Code?

CVE-2023-39780
Botnet hacks thousands of ASUS routers

GreyNoise has discovered a campaign where attackers have gained unauthorized access to thousands of internet-exposed ASUS routers. This seems to...
Read More
CVE-2023-39780  Botnet hacks thousands of ASUS routers

Bangladesh Bank instructed using AI to prevent online gambling

The rise of online gambling in the country is leading to increased crime and societal issues. In response, the central...
Read More
Bangladesh Bank instructed using AI to prevent online gambling

251 Amazon-Hosted IPs Used in Exploit Scan for ColdFusion, Struts, and Elasticsearch

Cybersecurity researchers recently revealed a coordinated cloud-based scanning attack that targeted 75 different exposure points earlier this month. On May...
Read More
251 Amazon-Hosted IPs Used in Exploit Scan for ColdFusion, Struts, and Elasticsearch

Cisco measures maturity based on four “pillars”:

  • Identity, which includes multi-factor authentication (MFA)
  • Device, which includes continuous validation of users’ devices
  • Network and workload, which includes network detection and response, as well as micro-segmentation
  • Automation and orchestration, which includes security orchestration and automated response (SOAR)

ALSO READ:

Windows hello fingerprint auth bypassed on Microsoft, Dell, Lenovo laptops

Organizations don’t need to implement all four pillars of zero trust to see benefits. For instance, completing the identity pillar lowers the risk of ransomware events by almost 11%. Completing the network and workload pillar reduces the likelihood of malicious insider abuse by 9%.

Organizations that have implemented all four pillars have a big payoff. Only 2% of the survey sample falls into this category. These organizations are two times less likely to report security incidents compared to those who are just starting their zero-trust journey. To read the full report click here.

Big jump toward zero trust:

Survey results this year show that organizations are becoming more aware and mature regarding the concept of zero trust. This was noted by J. Wolfgang Goerlich, a Cisco Advisory CISO.“In past studies, a significant part of the sample said they had zero trust in place and were good to go.”

“This year we dug into the technology stack and asked them what technologies they were using, what zero trust aspects have they deployed,” Goerlich continues. “In doing that, our findings went from a large percentage of people saying they deployed zero trust to 2% saying they made progress across all the pillars. That reflects a maturation in security and IT leaders’ understanding of zero trust. Two years ago, people would say, ‘I did identity. I’m good.’ Now that they’re into a real strong push behind zero trust, they’re realizing they need device controls, network coverage, and automation and orchestration.”

“The more organizations know about zero trust, the less they feel competent in zero trust,” Goerlich adds. “The more they learn, the more they realize they need to go further.”

 

Check Also

mobile

Bank server compromised using customer’s mobile, steal ₹11 crore

Cyber fraudsters hacked the Himachal Pradesh State Cooperative Bank’s server using a customer’s mobile phone. …

Leave a Reply

Your email address will not be published. Required fields are marked *