Why Zero Trust Architecture Will Become the New Normal in 2021

Webinar: Why Zero
Trust Architecture Will
Become the New
Normal in 2021
Brian Parks
Head of Go to Market
Cloudflare One
Featuring guest
Dr. Chase
Cunningham
VP - Principal Analyst
Forrester

In 2020, baboons
learned to use
chain saws
It doesn’t get more 2020
than that . . .

ZT Day
Everybody, “go work from home.”
Friday, March 13, 2020

We are all outside the perimeter now . . .

• In response to COVID-19: 47% of
respondents we surveyed say their
organization has transitioned at least 50%
of the workforce to the home, and 48%
anticipate a permanently higher rate of full-
time remote employees.
• And employees increasingly expect it: 53%
of US workers say, "I hope I can work from
home more even after this crisis is over,"
according to our PandemicEX survey.
Global remote working
pre-pandemic
Source: https://www.forrester.com/report/The+State+Of+Remote+Work+2020/-/E-
RES139899

US WFH estimates
by persona: pre- vs
post-pandemic
Source:
https://www.forrester.com/report/Intelligent+Automation+Will+Push+Organizations+Flat+Wide+And+Anxious/-/E-
RES157537
For description and examples for each persona, see:
https://www.forrester.com/report/Future+Jobs+Plan+Your+Workforce+For+Automation+Dividends+And+Deficits/-/E-
RES145936?objectid=RES145936

We Are Currently
In Phase 3
Source: https://www.forrester.com/report/Returning+To+Work+How+To+Prepare+For+Pandemic+Recovery/-/E-
RES160660?objectid=RES160660

Prepare for fundamental changes to business
and technology
• Customer expectations shift on the spectrum of
safety and convenience
• Businesses ride the digital engagement wave to
create hybrid experiences
• Firms and governments invest in the once-
impossible to drive the future of work
• Smart firms retire technical debt fast and then
ride the tech disruption wave
• Business resiliency becomes a competitive
advantage
Five macro shifts in the
new, unstable normal
Source:
https://www.forrester.com/report/The+New+Unstable+Normal+How+COVID19+Will+Change+Business+
And+Technology+Forever/-/E-RES161461?objectid=RES161461

© 2020 Forrester. Reproduction Prohibited.
The world is operating in a fundamentally different way.
Businesses are rethinking the way they approach security and
support their customers and employees.
“Which of the following changes have impacted your organization the most in 2020?”
Advancements in AI and automation technologies
Employee health concerns from the COVID-19 pandemic
The impact of COVID-19 on the broader economy
The shift to a distributed working model
Changes to how our customers do business with us
The impact of COVID-19 on our company's revenue and
planning
Rank 1 Rank 2 Rank 3
Base: 317 Global Director + security decision makers at mid-size and large companies.
Source: A commissioned study conducted by Forrester Consulting on behalf of Cloudflare, September 2020
64%
53%
52%
44%
32%
31%

Top 5 features that
matter to
consumers in their
product selection
Safe web browsing
Multiple services in the product
Ability to use product across
multiple devices
Identity protection services
Service provider’s reputation
Base: 754 Online adults who have purchased cybersecurity service in past 6 months

State of US SMBs
US Small Business Administration Formal Definition:
• Non-Manufacturing – 500 employees or fewer
• Other specific sectors – 1,500 employees or fewer
(e.g., courier services)
• Or annual receipts in ranges
• $1 Million to $41.5 Million
• Uses NAICS industry categorization system
99.9%
• of the business in the US qualify as a small
business (30.7 million businesses)
59.9 million
• US individuals employed by small businesses
(47.7% of US employees)
Source: https://www.sba.gov/document/support--table-size-standards
Source: https://cdn.advocacy.sba.gov/wp-content/uploads/2019/04/23142719/2019-Small-Business-Profiles-US.pdf

Security leaders expect Zero Trust adoption
to enable digital business transformation,
improve network visibility, and enhance
employee experience (EX).

Lead with Zero Trust as your strategy
• 78% of organizations are moving to embrace Zero Trust.
• 9% of the DoD has adopted ZT as a long-term strategy.
• 13% of the major financial sector is adopting ZT.
• 14% of healthcare is enabling ZT.
• 89% of S&R leaders agree that the perimeter-based model has failed.
• 2020 Wave started with 130 potential vendors in the mix.
Source1:: https://www.microsoft.com/en-us/microsoft-365/business-insights-ideas/resources/should-you-use-zero-trust-for-your-company-network

“Our organization plans on adopting Zero Trust as
large enterprises and the US government have
indicated there are significant strategic benefits to this
new approach.”
Base: 107 Global Director + security decision makers at mid size companies.
71%
Agree/Strongly Agree

“How has your organization's thinking on Zero Trust
has changed in 2020?”
Our organization has run at least one new Zero Trust-
oriented pilot this year.
Our organization has elevated the role of the CISO to
board-level visibility because of our focus on Zero Trust.
Our organization has developed a clearer shared
understanding of Zero Trust security concepts.
Our organization has a developed a clearer shared
understanding of Zero Trust's business benefits and…
Our organization has committed to migrating to a Zero
Trust security architecture.
Agree Strongly agree
Base: 107 Global Director + security decision makers at mid size companies.
84%
64%
56%
37%
32%
Please rate the following statements about how your organization's thinking on Zero Trust has changed in 2020.

<1,000 Employees 1,000+ Employees
Top 5 Zero Trust Benefits
Enabled digital business transformation
Improved network visibility
Reduced scope and cost of compliance initiatives
Improved employee experience via easier, more secure,
and faster access to applications
Improved flexibility to extend access to third parties
securely
Enabled digital business transformation
Improved employee experience via easier, more secure,
and faster access to applications
Increased data awareness and insights
Improved network visibility
Prevention of malware propagation

“What are the biggest risks associated with your
current security approach?”
Applications protected by VPN/IP address alone
Little to no management over network traffic
Limited oversight on third-party access (e.g., contractors,…
Applications protected by username/password alone
Limited visibility into user activity inside applications
No centralized/standardized identity sources
Little to no management over end user devices
Applications and data exposed to the public internet
Internal IT/security staffing (bandwidth, shortages, or cuts)
Rank 1 Rank 2 Rank 3 Rank 4 Rank 5
85%
76%
59%
47%
41%
34%
27%
24%
15%

You are on your own
• Since March 2020, attacks on federal
systems are up by 700%.
• IP blocks and domain-related attacks
are up by 200% day by day.
• Phishing is up by 400%.
• Everyone is busy!
Source: https://www.insurancebusinessmag.com/us/news/cyber/fbi-sees-a-400-increase-in-reports-of-
cyberattacks-since-the-start-of-the-pandemic-231939.aspx

31%
32%
36%
44%
44%
44%
19%
22%
28%
32%
32%
36%
Our organization has struggled to maximize remote workers'
productivity without exposing them or their devices to new risks
Our organization struggled to reprovision and maintain VPNs as
we shifted to a more remote workforce
Legacy network security tools are no longer effective in
protecting our corporate data
Our organization's existing security approach is antiquated, and
we need to accelerate our shift to a Zero Trust framework.
We struggle to shift to a Zero Trust approach due to the
complexities of user access needs at our organization
Our organization accelerated our cloud transformation efforts in
2020, but we were unprepared
80%
76%
76%
64%
54%
50%
Change Happens…Whether We Are Ready Or Not
Please rate your agreement with the following statements.

18%
26%
32%
35%
40%
46%
45%
47%
12%
19%
28%
26%
31%
35%
38%
40%
Facilitating IT integration for merged or acquired businesses
Improving security for Internet-of-things (IoT) applications
Optimizing our identity access management (IAM)…
Enabling fluid and secure onboarding offboarding of third-…
Replacing overburdened VPNs
Starting or expanding a bring-your-own-device (BYOD)…
Ensuring safe and fast developer access
Enhancing visibility into cloud workloads across…
Important Very important
87%
83%
81%
71%
61%
60%
45%
30%
“How important are the following use cases to Zero Trust
adoption in your org within the next year?”

“How have changes in how customers doing business with you
impacted your organization's IT security approach?”
3%
24%
33%
30%
28%
23%
None of these apply
Forced us to rethink our approach to IT security
Increased executive buy-in to accelerate our digital
transformation efforts
Forced us to rapidly scale support of remote workers
Accelerated our shift to adoption a Zero Trust approach
Increased budget allocations to IT security
Changes to how our customers do business with us

Turn their strength against them
• Seek out and eliminate default configurations.
• Kill the password.
‒ 88% of all breaches began here.
• Kill the VPN.
‒ 94% of users despise the VPN.
‒ The single largest vulnerability scanned on the internet is remote admin.
• Remove excessive privileges.
• Patch, patch, and patch.
Source: https://www.insurancebusinessmag.com/us/news/cyber/fbi-sees-a-400-increase-in-reports-of-
cyberattacks-since-the-start-of-the-pandemic-231939.aspx

Please rate the following statements about how your organization's thinking on Zero Trust has changed in 2020.
26%
29%
35%
39%
46%
13%
20%
30%
32%
36%
Our organization has run at least one new Zero Trust-
oriented pilot this year.
Our organization has elevated the role of the CISO to
board-level visibility because of our focus on Zero Trust.
Our organization has developed a clearer shared
understanding of Zero Trust security concepts.
Our organization has a developed a clearer shared
understanding of Zero Trust's business benefits and
applications.
Our organization has committed to migrating to a Zero Trust
security architecture.
Firms of all sizes are “committed” to migrating to ZT
82%
71%
65%
49%
39%

Alone is…Lonely

Brian Parks
Go to Market Leader, Cloudflare for Teams
Why Zero Trust Architecture Will Be the New Normal in 2021
Find Zero Trust wins with
Cloudflare

2020 changed everything for security teams. What’s next?
82%
say they are committed to
embracing Zero Trust
security architecture.
64%
believe their legacy network
security tools are no longer
effective at protecting data.
80%
of security decision makers
said their businesses were
unprepared to manage the
massive acceleration in
cloud transformation that
was forced on them by the
pandemic.
29FORRESTER OPPORTUNITY SNAPSHOT: A CUSTOM STUDY COMMISSIONED BY CLOUDFLARE, OCTOBER 2020

The 4 Hour ZT Journey
Delivering real Zero Trust
value in hours instead of
days, weeks, or months is
the key to getting started.
Performance AND Security
Cloudflare doesn’t force you
to compromise on the user
experience, ensuring users
won’t try to get around your
security measures.
Zero Trust for everyone
Zero Trust matters for
teams of all sizes, and
Cloudflare is committed to
democratizing access to
Zero Trust security.
Cloudflare’s commitments
30

Remember when things were simple?

Enterprise Networks were built for 2010

Organizations need a network that is
fast, secure, and reliable
to connect users to the resources they need.
Network security was Perimeter Security.

The way we worked changed...but the network did not
Applications moved to the Cloud Users left the building

The network must be:
● Everywhere
● Secure
● Fast
● Reliable
● Intelligent
● Software-defined
The Internet is now the corporate network
HOW DO YOU BUILD A PERIMETER AROUND THE INTERNET?

Hardware / Software (Buy) Yesterday Services / Cloud (Consume) Tomorrow
Evolution of the technology stack

Cloudflare edge network - The network is the computer
Cloudflare city
Approximate area inside
which Cloudflare’s network
is reachable within 100ms
via the Internet
Note: map data as of
Jan 15, 2020 25M+
Internet properties
200+
cities and 100+ countries
72B
cyber threats blocked each day
in Q2’20
99%
of the Internet-connected
population in the developed world is
located within 100 milliseconds of
our network
42 Tbps
of network capacity

Zero trust is the shift from a perimeter security model (castle
and moat) to one that always requires authentication of the
user or device before allowing access to applications and data.
“Never trust, always verify.”
Chase Cunningham, Forrester Analyst
*Zero Trust Network Access is also known as Software Defined Perimeter.
39
Zero Trust Security
"Bust The Zero Trust Myths", by Jinan Budge and Chase Cunningham, Forrester Research, Inc., June 22, 2020

Bridging the adoption divide
82% of
organizations are
committed to
adopting to Zero
Trust architecture.
But only 39%
could identify an
active pilot project
in 2020.
Why?
FORRESTER OPPORTUNITY SNAPSHOT: A CUSTOM STUDY COMMISSIONED BY CLOUDFLARE, OCTOBER 2020

Security teams are spread thin
80% of respondents view lack of
internal IT security staffing and
bandwidth as one of the biggest
security risks today.

Identity and access management is a common blocker
66% of security leaders surveyed
said they struggled to shift to a
zero trust approach due to the
complexities of user access needs
in their organization.

Getting started next year: popular pilot projects
1. Ensuring safe and fast developer
access (selected as important by
83% of respondents).
1. Starting or expanding a bring-your-
own-device (BYOD) program
(selected by 81% of respondents).
1. Replacing overburdened VPNs
(selected by 71% of respondents).

How Cloudflare One can enable quick wins
Enable fast and safe
connections to DevOps apps.
Traditional remote access
approaches cause latency and
headaches for developers.
Cloudflare Access makes it
easy and safe for developers to
log in to infrastructure and
staging sites without the need
for a VPN.
Make personal devices safe
for business use.
Employees need flexibility to
connect to work apps from
their personal device.
With Cloudflare Gateway, any
personal device can be made
safe for business use, and
employees have a simple toggle
to “Switch On” work mode on
their personal devices.
Replace VPNs with
Cloudflare’s massive global
network
Surging remote work has put
additional strain on VPNs.
Cloudflare Access offers a
more modern, scalable
approach to securing corporate
apps.

Complete control of access to applications
Enforce Zero Trust access for ALL applications on a
per-user basis with easy-to-create and manage rules.
Extend identity based security with more signal
Improve security with context awareness such as device
posture. Enforce more granular policies such as hard key
requirements for your most sensitive applications.
Deliver fast applications to devices anywhere
Users get secure and seamless access to all applications
faster from anywhere thanks to Argo Smart Routing.
Deploys quickly and easy to manage
Leverage existing identity providers and connect applications
to Cloudflare with a secure Argo Tunnel.
Monitor User Access and Change Logs
View and search real-time access logs in the dashboard or
integrate with a third party SIEM.
Zero Trust Access - Access on a One to One relationship
CLOUDFLARE ACCESS

Complete visibility from a single pane of glass
Log and monitor all internet traffic, on and off your network for
unprecedented levels of granular visibility that can be viewed in
the dashboard or integrated to your SIEM.
Simplify internet security and compliance
Easily apply DNS and URL filtering rules to protect your users on
the open internet and enforce compliance.
Eliminate threats on our edge not in your environment
Gateways policy engine blocks threats on our network before they
reach yours and you can leverage our proprietary threat intelligence
to inform those policies.
Deploys quickly and easy to manage
Setup can be performed in minutes with easy to configure policies
that do not require security expertise to operate.
Never compromise on performance
End-users get an amazing experience leveraging the world’s fastest
public DNS resolver.
Secure Web Gateway - Internet breakout at the unit of One
CLOUDFLARE GATEWAY

Perfected Internet security
Next generation RBI technology isolates the browsing session in a
disposable container on our edge network, ensuring threats never
make their way to corporate devices. Combined with Gateways
policy enforcement security administrators can sleep peacefully.
Security and performance without compromises
Pixel-pushing delivers on the security promise, but is useless as it
renders websites broken, slow, and both bandwidth and compute
intensive. DOM rendering provides a slightly better experience,
but fails on the security side. Cloudflare’s unique approach doesn’t
compromise.
A better user experience than local browsing
Cloudflare Browser actually reduces bandwidth utilization and
provides a faster browsing experience from the same browser
they use today
A global solution delivered from a global network
Thanks to Cloudflare’s edge network performance is always
reliable and fast with remote browsing occurring within 100ms
of 99% of internet users globally
Remote Browser Isolation - Browsing-as-a-Service
CLOUDFLARE BROWSER

The 4 Hour ZT Journey
Delivering real Zero Trust
value in hours instead of
days, weeks, or months is
the key to getting started.
Performance AND Security
Cloudflare doesn’t force you
to compromise on the user
experience, ensuring users
won’t try to get around your
security measures.
Zero Trust for everyone
Zero Trust matters for
teams of all sizes, and
Cloudflare is committed to
democratizing access to
Zero Trust security.
Cloudflare One Summary
49

Next steps
1.Set up a Cloudflare for Teams account at
dash.cloudflare.com/sign-up/teams. Your first 50 users are
always free.
2.Download the study at cloudflare.com/lp/forrester-
opportunity-snapshot-zero-trust
3.Sign up for the Cloudflare Browser Isolation beta at
cloudflare.com/teams/browser-isolation

Why Zero Trust Architecture Will Become the New Normal in 2021

More Related Content

What's hot (20)

Similar to Why Zero Trust Architecture Will Become the New Normal in 2021 (20)

More from Cloudflare (20)

Recently uploaded (20)

Why Zero Trust Architecture Will Become the New Normal in 2021