The global tech sector is moving to a zero trust model to improve system security and combat cyber crime, but many are struggling to make it work.
A study commissioned by Datacom indicates 83 percent of 204 information technology (IT) decision-makers in Australia and New Zealand see zero trust as the future of their firms' security.
Zero trust is about ensuring everyone accessing a system was verified and authorised before gaining access to information, devices and networks.
"A zero trust approach keeps your people and your organisation safe by giving the right people access to the right data and applications and removing unnecessary risks," Datacom's chief information officer Karl Wright said, adding that communication was key to getting stakeholder support.
More than half (58 percent) of decisions makers indicated they were well on their way to implementing zero trust, 17 percent were yet to begin and 46 percent thought their inhouse teams lacked time or expertise to adopt best practices effectively.
It also found there was a perception that zero trust was expensive, with most choosing not to overhaul their systems.
More than two thirds (69 percent) of respondents said they were "adopting zero trust piecemeal rather than taking a big-bang structured approach".
Wright said piecemeal adoption might work well in the short term but could lead to inefficiencies with organisations facing additional integration and operational costs in the long run.
"Implementing a zero trust approach is not as simple as adopting a new piece of technology and organisations really need to consider adopting a change management approach," Wright said.
He said the value of communication was vastly underestimated, with 52 percent of decision-makers rating technical knowledge as the most important factor in driving zero trust programmes, while just 13 percent identified communication as important.
"Employees need to know that zero trust is not about locking them out of the apps and data they need."
Wright said the study highlights several potential barriers to successful implementation of zero trust that need to be addressed, "including one surprising group of detractors - those responsible for implementing and managing it".