Zscaler's 2022 VPN Report: As VPN Exploits Grow, 80 Percent of Organizations Shift Towards Zero Trust Security
Key Findings:
- 68% of executives surveyed say their focus on remote work accelerated the priority of Zero Trust Security projects, up from 59% in 2021
- Nearly half of all IT professionals surveyed witnessed an increase in exploits targeting their VPNs since adopting remote work
- 65% of companies are considering adopting VPN alternatives; organizations should be warned of misleading legacy cloud-based VPN offerings masqueraded as
Zero Trust security
“As evident in several high-profile breaches and ransomware attacks, VPNs continue to be one of the weakest links in cybersecurity. Their architecture deficiencies provide an entry point to threat actors and offer them an opportunity to move laterally and steal data,” said Deepen Desai, Global CISO of
Zero Trust Secures Remote Access
While more and more companies have employees returning to the office, 95 percent of surveyed workplaces still rely on VPNs to support a combination of hybrid and distributed work environments that often span multiple geographies. In addition to remote employees, large organizations often extend network access to other external stakeholders, including customers, partners, and contractors. In many cases these users are connecting from untrusted devices on insecure networks, are granted far more freedom than necessary, and result in additional security risks. Unlike cumbersome, insecure VPNs,
Status Quo Falls Behind as VPN Risks Continue To Grow
The increase in the number of remote workers across industries has resulted in a sharp spike in cyberattacks that are tailor-made to target VPN users. As VPNs grant a greater degree of trust to users when compared to
Legacy network security architectures are pervasive and deeply entrenched in corporate data centers, making it difficult to challenge the status quo and adopt new architectures. So it should come as no great surprise that nearly all of the organizations surveyed continue to use VPNs despite knowing they are being targeted by ransomware and malware. Meanwhile, incumbent network security vendors have a vested interest in maintaining the remote access status quo. Organizations should be wary of legacy network access approaches that rely on cloud-based VPN, and examine vendors’ architectures to understand whether they will bring significant benefits in risk reduction and user experience. VPN technology carries the same fundamental shortcomings and risks in cloud virtual machines as it does on appliances, and should be avoided in favor of more modern approaches.
VPN Alternatives Gain Traction
Ongoing risks from legacy VPNs have created a gradual shift towards Zero Trust Security, which provides greater control and flexibility for effective remote access management. 78 percent of organizations surveyed for the VPN Risk Report indicated that their future workforce will be hybrid, creating an ongoing need for this type of security infrastructure in the enterprise.
Since the shift to remote and hybrid work environments, 68 percent of surveyed companies have indicated that they are accelerating their
Click here to download and read the 2022 VPN Risk Report. Click here to download the
Methodology
The 2022 Zscaler VPN report is based on the results of a comprehensive online survey of 351 IT and cybersecurity professionals. The survey was conducted in
About
Zscaler™ and the other trademarks listed at https://www.zscaler.com/legal/trademarks are either (i) registered trademarks or service marks or (ii) trademarks or service marks of
Media Contacts
Global PR Director
press@zscaler.com
Zscaler, Inc.