Zero Trust Network Access (ZTNA) is gaining traction as organizations shift to hybrid work environments, but its implementation is not without hurdles.
Challenges include ensuring seamless integration with existing infrastructure, maintaining user experience, and addressing the complexity of managing diverse user identities.
We asked three experts to discuss the most pressing issues in the ZTNA space and offer guidance on overcoming these obstacles.
Anupam Upadhyaya, VP, Products, Prisma SASE: With the ability to work from anywhere and applications being distributed across clouds and data centers, one of the biggest challenges for organizations today is ensuring secure access and a positive experience for their hybrid users.
If your users face issues when trying to access critical apps and cloud-based services, they will likely try to bypass security controls and therefore leave themselves vulnerable. Adding to this challenge, many users access business-critical applications through consumer browsers that, unfortunately, lack last mile DLP (Data Loss Prevention) and better web security, even with a VPN in place. Meanwhile, threat actors continue to evolve their attacks using AI and automation to bypass security and breach organizations.
For example, phishing continues to be the leading cause of a breach, and we’ve seen attackers using new and advanced techniques that make their phishing attempts more convincing and harder to detect, i.e. AI-generated phishing, Man-in-the-Middle phishing, SaaS-hosted phishing, and much more.
Finally, with users working from anywhere, many organizations may struggle with legacy infrastructure that lacks visibility and granular control over user activity. Read the full Q&A.
Nirav Shah, SVP, Products and Services, Fortinet: There are several challenges that enterprises encounter when considering ZTNA. Firstly, many organizations are transitioning from VPN to ZTNA, which can be a time-consuming undertaking. It’s hard for any company to fully transition to a new technology and user adoption can be slow, even if rolled out with proper training and timelines.
Speaking of transitioning technologies, many organizations are also integrating ZTNA with their endpoint security for more comprehensive protections, the ability to enforce policies throughout their network, and to prevent the spread of attackers within a network. Unfortunately, to properly integrate these solutions, many organizations have to manage multiple tools, agents, and point products. This makes it challenging to ensure user adoption and maintain proper deployments, especially given the shortage of skilled IT staff.
Then there’s the question of managing latency when securing the cloud and applications, both SaaS and on-premises. How do you steer traffic without impacting network performance? This is important because employees tend to bypass solutions when they impact user experience.
Regarding threats, attackers are getting smarter, and their methods are growing in sophistication. Read the full Q&A.
Andrius Buinovskis, Head of Product, NordLayer. Overall, if we are talking about the challenges—the list would be endless, but among the biggest ones are awareness, expertise, and adoption:
- Awareness: The majority of employees do not understand how many attack vectors are out there in the current environment. A big part of that is related to social engineering and opportunistic approaches—there’s a misconception that the victims should be of some importance to be targeted, and that’s simply not the case—it can happen to anyone.
- Expertise: Cybersecurity is an extremely fragmented market due to the constantly evolving threat landscape, varied requirements of different industries, regulations, and a wide range of products and services. It’s extremely difficult for companies to find the right-skilled individuals to mitigate these threats.
- Adoption: This one relates to awareness; however, it is more about accepting some inconvenience and at least adopting tools implemented by the company’s IT department or managed services providers. It would greatly help mitigate threats or at least reduce possible damage in case of an incident.
Threat evolution, with the rise of AI, is jumping to the next level, especially in social engineering and opportunistic attacks. Previously, tailored attacks were carried out by individuals—bad actors—but nowadays, they are all automated with the help of AI. In this environment, everyone has the potential to become a victim. Read the full Q&A.
Further reading:
