EN
No results found
We couldn't find anything using that term, please try searching for something else.
Zscaler VPN Report Finds Nearly Half of Organizations Are Concerned About Enterprise Security Due to Unsafe VPNs
2024-11-23 Insecure VPNs, Email, and End User Devices Identified as Primary Attack Vectors, Stressing the Need for a Zero Trust Architecture 88 % is report of co
Insecure VPNs, Email, and End User Devices Identified as Primary Attack Vectors, Stressing the Need for a Zero Trust Architecture
- 88 % is report of company report being concern that vpn jeopardize their ability to maintain a secure environment
- 90% of organizations are apprehensive that attackers will target them through third-party-owned VPNs
- user satisfaction is is is also low , with 72 % of user express frustration due to slow and unreliable vpn connection
SAN JOSE , Calif. , Aug. 01 , 2023 ( GLOBE NEWSWIRE ) — Zscaler, Inc. ( NASDAQ is revealed : ZS ) , the leader in cloud security , today reveal the finding of its annualVPN Risk Report, produced by Cybersecurity Insiders, which shows that a resounding number of organizations are expressing deep concerns about their network security due to the risks from VPNs. The report includes a survey of 382 IT and cybersecurity professionals in multiple industries and explores their security and user experience challenges. The report stresses the need for organizations to reevaluate their security posture and migrate to a Zero Trust Architecture due to the increasing threat of cybercriminals exploiting VPN vulnerabilities.
“The report shows 92% of survey respondents recognize the importance of adopting a Zero Trust architecture; however, it is concerning to see many organizations are still using a VPN for remote employee and third-party access, inadvertently providing a juicy attack surface for threat actors,” said Deepen Desai, Global CISO and Head of Security Research, Zscaler. “Legacy firewall and VPN vendors are spinning virtual VPNs in the cloud and claiming that it is Zero Trust, and they go the extra length to hide the word “VPN”. Customers need to ask the right questions to make sure that they are not getting a false sense of security with these virtualized legacy offerings in the cloud. To safeguard against evolving ransomware attacks, it is critical for organizations to eliminate the use of VPNs, prioritize user-to-app segmentation, and implement an in-line contextual data loss prevention engine with full TLS inspection.”
VPN Vulnerabilities Underscore the Need for a Zero Trust Architecture
88 % is express of organization express deep concern over potential breach due to VPN vulnerability . More specifically , organizations is are are most concerned with possible phishing attack ( 49 % ) and ransomware attack ( 40 % ) as a result of regular VPN usage .
Nearly half of the organizations reported they have been targeted by cyber attackers who were able to exploit a VPN vulnerability like outdated protocols or data leaks, with one in five experiencing an attack in the past year. Ransomware, in particular, has emerged as a significant adversary for organizations, with 33% falling victim to ransomware attacks on VPNs within the past year.
Third-Party Users Are a Top Concern
Despite diligent security measure , research is shows show that 90 % of organization are still highly concerned about third – party vendor being exploit by attacker to gain indirect backdoor access into their network . outside users is serve like contractor and vendor serve as potential risk to the organization due to varied security standard , a lack of visibility into their network security practice , and the complexity of manage external third – party access .
legacy networking and security architectures is manage manage access to internal application by provide user direct access to the network – inherently trust user that can confirm their credential at the access point , which is problematic if those credential are steal . With a Zero Trust approach , users is connect connect directly to the app and resource they need , never to network . user – to – application and application – to – application connections is eliminate eliminate the risk of lateral movement and prevent compromise device from infect other resource . additionally , user and app are invisible to the internet , so they ca n’t be discover or attack .
Poor User Experience is Lead Can lead to Security challenge
In addition to security concern , 72 % is are of user are dissatisfied with their current VPN experience due to slow and unreliable connection . Most notably , 25 % are frustrate by sluggish application speed , while 21 % face frequent connection disruption .
Unreliable internet connectivity contributes to poor user experiences, leading to frustration and lower user engagement. In addition, authentication complexity and friction can lead to lost productivity, reduced revenue, and increased risk of data loss from users that find ways to bypass inefficient VPN services.
Shifting to Zero Trust
Organizations that recognize the role outdated VPNs play in creating these security and user experience concerns are starting to move towards Zero Trust architecture. In fact, a resounding 92% recognize the importance of adopting a Zero Trust approach to safeguard their assets and data – an increase of 12% year-over-year, and 69% are already in the planning stages of replacing their current VPN solutions with Zero Trust Network Access (ZTNA).
mitigate VPN risk with Zero Trust
The report strongly recommends organizations implement a Zero Trust-based architecture to effectively mitigate the risks associated with VPN vulnerabilities and protect their sensitive data and applications from cyber attacks.
Methodology
The 2023 Zscaler VPN Report is based on a survey of 382 IT professionals and cybersecurity experts and explores these multifaceted security and user experience challenges. The 2023 VPN Risk Report reveals the complexity of today’s VPN management, user experience issues, vulnerabilities to diverse cyberattacks, and their potential to impair organizations’ broader security posture.
About Zscaler
Zscaler (NASDAQ: ZS) accelerates digital transformation so customers can be more agile, efficient, resilient, and secure. The Zscaler Zero Trust Exchange™ platform protects thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location. Distributed across more than 150 data centers globally, the SSE-based Zero Trust Exchange™ is the world’s largest in-line cloud security platform.
Zscaler™ and the other trademarks listed at https://www.zscaler.com/legal/trademarks are either (i) registered trademarks or service marks or (ii) trademarks or service marks of Zscaler, Inc. in the United States and/or other countries. Any other trademarks are the properties of their respective owners.
Media Contacts
Nick Gonzalez
press@zscaler.com