The Zero Trust Impact Report from Illumio and The Enterprise Strategy Group (ESG) surveyed 1,000 information technology (IT) and security professionals in eight countries about their cybersecurity landscapes and the impact of zero trust on their organizations.

Prevalence of cyberattacks, ransomware

The report discovered that 47% of security leaders do not believe they will be breached, despite increasingly sophisticated and frequent attacks. In the past two years alone, more than three-quarters of organizations surveyed (76%) have been attacked by ransomware and 66% have experienced at least one software supply chain attack. 

Respondents say software supply chain attacks (48%), zero-day exploits (46%) and ransomware attacks (44%) are the three cyber threats posing the most risk to their organizations. 

Thirty-six percent of respondents have been the victims of a successful ransomware attack over the past two years. What's more, 82% of respondents who were victims of a successful attack paid a ransom, with the average ransom netting $495,000.

Zero trust methodology

In the Executive Order on Improving the Nation's Cybersecurity, the Biden administration made clear the importance of zero trust strategies for U.S. organizations facing cyberattacks. 

Ninety percent of security leaders report zero trust is one of their top three cybersecurity priorities, and 33% say zero trust is their top cybersecurity priority.

Thirty-nine percent of all security spending over the next 12 months is earmarked to advance zero trust initiatives, according to the report.

For more information, click here.