Companies struggling with hybrid IT and zero trust controls – Pulse Secure
.jpg)
Software-defined access solutions provider Pulse Secure has released a report that quantifies the threats, gaps and investment as organisations face increasing hybrid IT access challenges.
The 2019 State of Enterprise Secure Access report surveys large enterprises in the US, UK and DACH (Germany, Austria, Switzerland), uncovering business risk and impact resulting in a pivot towards extending Zero Trust capabilities to enable productivity and stem exposures to multi-cloud resources, applications and sensitive data.
While enterprises are taking advantage of cloud computing, the survey data showed all enterprises have ongoing data centre dependencies.
One-fifth of respondents anticipate lowering their data centre investment, while more than 40% indicated a material increase in private and public cloud investment.
According to the report, the shift in how organisations deliver Hybrid IT services to enable digital transformation must also take into consideration empowering a mobile workforce, supporting consumer and IoT devices in the workplace and meeting data privacy compliance obligations – all make for a challenging environment to ensure, monitor and audit access security.
"What was consistent across enterprise sizes, sectors or location was that secure access for hybrid IT is a current and growing concern with cyber threats, requirements and issues emerging from many sources,” says IDG Connect editorial director Martin Veitch.
“The reporting findings and insights should empower corporate leadership and IT security professionals to rethink how their organisations are protecting resources and sensitive data as they migrate to the cloud.”
Key Findings
The survey found the most impactful incidents were contributed by a lack of user and device access visibility and lax endpoint, authentication and authorisation access controls. Over the last 18 months, half of all companies dealt with malware, unauthorised/vulnerable endpoint use and mobile or web apps exposures.
Nearly half experienced unauthorised access to data and resources due to insecure endpoints and privileged users, as well as unauthorised application access due to poor authentication or encryption controls.
While a third expressed significant confidence, 61% of respondents indicated modest confidence in their security processes, human resources, intelligence and tools to mitigate access security threats.
The survey revealed the top access threat mitigation deficiencies:
- Defining app, data and resource access and protection requirements
- Defining, implementing and enforcing user and device access policy
- Provisioning, monitoring and enforcing BYOD and IoT device access
When survey participants were asked what they perceive as their largest operational gaps for access security, the majority identified hybrid IT application availability; user, device and mobile discovery and exposures; weak device configuration compliance; and inconsistent or incomplete enforcement.
Correspondingly, the participants stated that their organisations are stepping up their access security initiatives:
- 48% improving endpoint security, remediation prior to access
- 46% enhancing IoT discovery, isolation and access control
- 44% fortifying network and cloud access visibility and resource segmentation
The cited incidents, threat mitigation deficiencies and operational gaps are among reasons for the interest in a Zero Trust approach for access security.
A Zero Trust model authenticates, authorises and verifies users, devices, applications and resources no matter where they reside.
It encompasses proving identity, device and security state before and during a transaction; applying a least privilege access closest to the entities, applications and data; and extending intelligence to allow policies to adapt to changing requirements and conditions.
Adding to management complexity, the report also found that organisations employ three or more secure access tools per each of 13 solutions presented in the survey.
Larger companies have about 30% more tools than smaller enterprises.
Correspondingly, nearly half of respondents were open to exploring the benefits of consolidating their security tools into suites.
With the migration to the cloud, one tool of interest cited by respondents as being implemented or planned over the next 18 months is Software Defined Perimeter (SDP).
Research Highlights
- 91% of enterprises plan to increase secure access expenditure over the next 18 months; 30% anticipate an increase spend between 15% to 25%
- 44% of enterprises use data centre in conjunction with public cloud, 30% in conjunction with private cloud, and 26% utilise all three delivery environments
- 46% of large enterprises prefer data centre and private cloud; primarily preferred by financial services and UK-based companies
- 49% or more cited significant access incidents due to malware, unauthorised and vulnerable endpoint use and mobile and web app exposures - healthcare organisations experienced greater mobile and web app exposures
- 81% expressed gaps in hybrid IT application availability - financial services experienced the most business impact related to application availability
- 78% indicated the need for greater visibility of users, endpoints and mobile devices; more evident in large enterprises and those in the DACH region
- 42% will focus on refining privileged user or service account-based access – a top priority in financial services and manufacturing
- 48% stated a willingness to explore secure access tool consolidation into suites
- 56% stated a project or pilot of Software Defined Perimeter technology over the next 18 months
- Over 38% of respondents outsource secure access capabilities to Managed Security Service Providers (MSSPs) with additional MSSP usage to grow 10% by 2021
The independent research for the report, which offers key insights into the current access security landscape and the maturity of defences, was conducted by IDG Connect.
Survey respondents included more than 300 information security decision makers in enterprises with more than 1,000 employees across US, UK and DACH regions, and covered key verticals including financial services, healthcare, manufacturing and services.
source securitybriefeu
Industry: Cyber Security News
Latest Jobs
-
- Identity and Access Management Consultant (Saviynt & Microsoft Entra) | UK
- United Kingdom
- N/A
-
Role summary Technical IAM consultant delivering identity governance and cloud identity solutions to enterprise clients. What you will do Implement / Configure / Deploy Saviynt IGA / Microsoft Entra solutions: Lead technical workshops, gather requirements and translate into solution designs. Troubleshoot complex issues, support testing and deployments. Produce technical artefacts and configuration guides. Key skills Hands-on Saviynt IGA experience (workflow, connectors, access governance). Strong practical knowledge of Microsoft Entra ID / Azure AD identity and access controls. Understanding of identity protocols (SAML, OAuth, OpenID Connect) and hybrid identity. Experience with APIs / REST for integrations and automation. What we are looking for Proven delivery experience in IAM / IGA projects, preferably in consulting. Confident communicator with client-facing delivery exposure.
-
- Cyber Security Technical Presales Consultant | UK | Managed Services SOC / Pentesting etc
- England
- N/A
-
Experienced Technical Pre Sales Cybersecurity Consultant to support organisations across the UK. This role focuses on delivering advisory, high level solution design, and security uplift services that improve security outcomes, address operational challenges, and enable informed technology decisions within complex and regulated environments. The position blends technical pre sales expertise with a consultative approach, working closely with technical, operational, and commercial stakeholders to shape effective and scalable cybersecurity solutions such as Managed Services SOC / Pentesting etc The individual must be able to achieve UK Security Clearance. Key Responsibilities Provide technical pre sales support across cybersecurity solutions and services for organisations operating across multiple industry sectors Engage stakeholders to understand security challenges, risks, compliance requirements, and operational pain points Deliver advisory guidance and recommendations to strengthen security posture and organisational resilience Translate customer requirements into clear, outcome focused technical and commercial solution designs Act as a trusted technical advisor throughout the sales and early delivery lifecycle Produce clear technical documentation, recommendations, and customer facing materials suitable for regulated environments Collaborate closely with sales, delivery, and technical teams to align solutions with customer needs Experience and Skills Proven experience in technical pre sales or cybersecurity consultancy Experience working across multiple industries, ideally within regulated or complex environments Broad knowledge of cybersecurity technologies, managed services, and risk based approaches Strong communication skills with the ability to engage both technical and non technical stakeholders Confident operating in a client facing, consultative role UK based role with remote working Occasional travel for customer engagement as required
-
- Cyber Security Technical Presales Consultant | UK | Managed Services SOC / Pentesting etc
- England
- N/A
-
Experienced Technical Pre Sales Cybersecurity Consultant to support organisations across the UK. This role focuses on delivering advisory, high level solution design, and security uplift services that improve security outcomes, address operational challenges, and enable informed technology decisions within complex and regulated environments. The position blends technical pre sales expertise with a consultative approach, working closely with technical, operational, and commercial stakeholders to shape effective and scalable cybersecurity solutions such as Managed Services SOC / Pentesting etc The individual must be able to achieve UK Security Clearance. Key Responsibilities Provide technical pre sales support across cybersecurity solutions and services for organisations operating across multiple industry sectors Engage stakeholders to understand security challenges, risks, compliance requirements, and operational pain points Deliver advisory guidance and recommendations to strengthen security posture and organisational resilience Translate customer requirements into clear, outcome focused technical and commercial solution designs Act as a trusted technical advisor throughout the sales and early delivery lifecycle Produce clear technical documentation, recommendations, and customer facing materials suitable for regulated environments Collaborate closely with sales, delivery, and technical teams to align solutions with customer needs Experience and Skills Proven experience in technical pre sales or cybersecurity consultancy Experience working across multiple industries, ideally within regulated or complex environments Broad knowledge of cybersecurity technologies, managed services, and risk based approaches Strong communication skills with the ability to engage both technical and non technical stakeholders Confident operating in a client facing, consultative role UK based role with remote working Occasional travel for customer engagement as required
-
- New Business Sales lead | UK - Cyber Security | New Logo sales
- United Kingdom
- Uncapped OTE
-
New Business Sales lead | UK - Cyber Security | New Logo sales UK Remote An established EMEA technology organisation is hiring a senior New Business Sales lead to take ownership of UK growth. An opportunity built for someone ready to take advantage of competitors who have taken their eye off the ball and turn that into sustained market share. This role is for someone proven. A self-starter who does not need micromanagement, knows how to win market share, and wants the backing of a larger business while building success their own way. You will lead and shape new logo acquisition, define and execute go-to-market strategy with regional leadership, and drive growth across cybersecurity, digital transformation, Microsoft modernisation etc. This is a new business sales role, with budget and full sales lifecycle responsibility. The goal being to build a wider a sales function beneath you as revenue scales. Experience across Financial services, manufacturing, industrial etc helpful. UK-based, remote-first, client-facing when needed. Competitive base salary with uncapped earnings.