2 hours ago
2
Zscaler, which provides a cloud-based zero trust platform to over 9 000 customers worldwide, has reported a 146 per cent increase in the number of ransomware attacks it blocked between April 2024 and 2025.
Eric Swift, Zscaler’s vice president and managing director Australia and New Zealand, says it’s not just big businesses that are in cyber criminals’ sights. “The threat actors are becoming far more sophisticated and supercharging their capability with AI and related technologies,” Swift says. “It used to be that certain organisations could say, ‘No one’s looking for us — they’ll go after the biggest organisations with the richest rewards.’ Now, with the advent of automation and AI, they can be much more effective and much more targeted, and they can attack organisations of all sizes and types.”
Zero trust architecture was conceived about a decade ago and is now achieving widespread adoption.
Arachchilage agrees that the adoption of zero trust is growing fast. “Large enterprises, banks and government agencies have been early adopters, but more mid-sized and smaller businesses are starting to implement it as remote work, cloud services and cyberattacks become the norm,” he says.
“Industry reports suggest that in the next few years, zero trust will be the standard approach for most organisations handling valuable or sensitive data.”
Step by step
Businesses adopting a zero trust system should be prepared for some hurdles, Arachchilage warns. “The main challenges are cost, complexity and cultural change: staff and systems need to adapt to stricter security controls, and this can feel inconvenient at first,” he says. “But the long-term payoff in security is worth it.”
Swift recommends businesses take a stepped approach to zero trust adoption, firstly by using zero trust to control remote access to the internet and replace VPNs. “Then you go to the next step, which is all access of users going through zero trust, whether they’re inside your building or outside your building,” he says.
The next step is to apply zero trust to connections between applications and resources, such as an accounting system connecting to an enterprise resource planning system.
Swift says as well as minimising risk, zero trust architecture can reduce operational costs and the hard costs of security appliances and services.
For businesses that find themselves on the wrong end of a cyberattack, the cost of not upgrading their cybersecurity could be severe. Arachchilage believes businesses that fail to adopt zero trust will put themselves at increased risk of data breaches, which might lead to financial losses, damage brand reputation, invite regulatory penalties and erode customer trust.
“They risk being the low-hanging fruit for attackers,” he says.
Click here to discover how Zscaler helps organisations of all sizes adopt a zero trust model to secure their future.
