Okta study: In a post-pandemic world, organisations in Asia Pacific prioritise Zero Trust Security more than other regions; but lag in implementation

SINGAPORE – Media
OutReach – 14 October 2021 –  Across Asia Pacific,
the unprecedented mass migration of organizations’ IT infrastructure to cloud
and digital systems in the past year has compressed years of planned digital
transformation into a matter of months – or even weeks.

While this agility is impressive, the addition of countless new devices,
networks and applications to organizations’ IT ecosystems within a short period
of time has increased businesses’ vulnerability to threat actors, who now have
more avenues to exploit.

The need for Zero Trust Security –
which emphasises a “never trust, always verify” approach through continuous assessment
of user access privileges for individual resources – has thus become crucial,
especially with greater adoption of cloud-based technologies. 

To learn more about how organizations in the region are approaching Zero Trust
Security today, and in a post-pandemic world where hybrid working becomes a
norm, leading independent identity provider Okta surveyed 400 security leaders in Asia
Pacific, as part of a study – The State of Zero Trust Security in Asia Pacific
2021.    

Notably, APAC organizations prioritise Zero Trust
Security the most – COVID-19 has accelerated Zero Trust Security as a priority
in 77% of APAC organizations –  higher
than EMEA (76%), and North America (74%).

Despite the emphasis on Zero Trust Security, at the time of the survey APAC
organizations were clearly lagging their counterparts in EMEA and North America
– only 13% had already implemented a Zero Trust Security strategy, compared to
20% of organizations each in EMEA and North America.

The greatest challenges for Asia Pacific organisations in adopting a Zero
Trust Security infrastructure include:

• Talent/skill shortage (44%)
• Cost concerns (22.3%)
• Technology gaps (14.3%)

“Organisations
across Asia Pacific have practiced hybrid working arrangements for the past
year and a half. Today, most business leaders recognise the value of such
arrangements in driving long term business growth post pandemic, and are
committed to sustaining them,” said Graham Sowden, General Manager, Asia
Pacific, Okta.

“However, it is imperative to the long-term growth of these businesses that
they continue to be vigilant in anticipating new threats that emerge in this
new digital landscape, by continually assessing their current IT
infrastructure, and making strategic investments to stay ahead of threat
actors,” he added.

The study introduces Okta’s Identity Access Management Curve, which reviews
organizations’ identity-driven security practices on everything from the type
of resources they manage, to how they provision and deprovision users.

Adoption in APAC is promising – Stage 1 implementations such as single sign-on
for employees, along with multi-factor authentications have been implemented at
84% of organizations.

However, when it comes to Stage 2 strategies and solutions, there is room for
improvement – for instance, only 35% have implemented secure access to APIs.
Additionally, while only 3% of organizations have context-based access
policies, 40% intend to implement it within the next 12-18 months.

“It is promising that most APAC organisations have the fundamentals covered,” Sowden
adds. “But the reality is that threat actors will only get savvier and find new
avenues to exploit vulnerabilities. Adopting advanced measures like
passwordless technologies − such as
biometrics and contextual factors, for instance – will help businesses
increase security and tackle data breaches more effectively.”