A new research report on the zero trust security market to 2027 published by Marketsandmarkets, suggests that this sector could grow from an estimated value of USD 27.4 billion in 2022 to USD 60.7 billion by 2027, at a CAGR of 17.3% over the study period. Increased frequency of target-based cyber-attacks are driving the market growth along with growth in regulations for data protection and information security and greater need to reduce business and organisational risks.
Multi-factor authentication (MFA) is becoming the most effective identity verification and authentication method that requires persons and software or machines to present multiple identifiers for identity verification. MFA is a critical part of the zero trust model because even if an attacker is able to compromise a particular component, the challenge of breaching an MFA would still prevent them from gaining access. Persistence and lateral movement attacks can also be mitigated through MFA as successful verification is generally not valid for longer than a single session.
Organisations that deal with sensitive payments, as well as user and financial data and information, are bound to adopt MFA solutions according to the PCI DSS guidelines for the payments industry. Furthermore, the rise in demand for enhanced identification and authentication to access sensitive information is a key factor that is projected to encourage the adoption of MFA across industries, such as BFSI, government and defence, IT and telecom, healthcare, retail and e-commerce, energy and power, and manufacturing. Key market players operating in the zero trust security market focus on offering advanced MFA, with the help of vein recognition, thermal image recognition, and hand geometry, further encouraging market growth across countries.
The SMEs in various industries are witnessing digital transformations and leveraging cloud computing to reduce complexities, increase mobility, eliminate on-premises infrastructure, and lower operating costs. According to the Data Breach Investigations Report published by Verizon in 2019, 43% of the cyber attacks are targeted at SMEs, mainly hacking and malware attacks.
As SMEs are increasingly adopting digitalization, they are being exposed to new security risks. This leads the IT teams in SMEs to invest in incorporating improved digital security measures through the adoption of zero trust security solutions. The SMEs operating in verticals, such as retail and e-commerce, manufacturing, healthcare, IT and telecom, food and beverage processing, travel and tourism, and education, are implementing zero trust security solutions, driving market growth.
According to a Cloudflare study involving 1,000 IT and cyber security decision-makers across Australia, India, Japan, Malaysia, and Singapore, awareness of zero-trust security is growing in Asia Pacific, with two-thirds of organisations in the region having already implemented a zero-trust strategy. Among the remaining organisations, 58% stated they would implement a zero-trust strategy in 12 months.
The awareness of security was less in the region, but after the ransomware attacks, such as Samsam and Wannacry, the need for deploying cyber security solutions has increased, which in turn, proved to be a major factor in implementing zero trust security. According to the reports of Palo Alto Networks, IoT-connected devices would be vulnerable to cyber attacks in the near future.
According to the researcher, zero trust security measures, such as biometrics and voice recognition, are the best solutions for securing IoT-connected devices. The governments in Asia Pacific countries are taking steps toward data security. Countries such as India, Japan, and Singapore have updated and introduced new national cybersecurity policies. With the increase in complex cyberattacks and cyberwars between enterprises and hackers, there is a rise in the need for robust cybersecurity solutions, which would be fulfilled by zero trust security.
Major vendors in the global Zero trust security market, and cited by the researchers, include Cisco, Akamai, Palo Alto Networks, Okta, IBM, Zscaler, Citrix, Trend Micro, Check Pont, Broadcom, Trellix, RSA, Forcepoint, Centrify, Illumio, Sophos, Qnext Corporation, Vmware, Microsoft, Cloudflare, Google, Fortine, Cyxtera Technologies, Sonicwall, Varonis, Pulse Secure, and On2it.