It’s official: Zero Trust now favored by 96% of organisations

Zero Trust began as an abstract concept in 1994 and has evolved into an established security approach. More than 800 information security decision-makers around the world were surveyed to compile our latest report, The State of Zero Trust Security 2023. This report takes a detailed look at where Zero Trust adoption stands today, providing answers on key Zero Trust themes such as: How many organisations have implemented Zero Trust policies, or plan to? What regions and industries are the most “all-in” on Zero Trust? And what kinds of challenges might be preventing additional adoption?

Here are some key takeaways from Okta’s The State of Zero Trust Security 2023.

1. Zero Trust has quickly shifted from plan to reality

The number of organisations with a defined Zero Trust (ZT) initiative in place continues to grow. A healthy 61% of organisations in this year’s report say they’ve implemented ZT strategic initiatives, while another 35% say they plan to soon. The data suggests we’re far past the “tipping point” for Zero Trust; this is no longer a “will this happen?” but rather, “this is happening.” 


 hXKTEK6WtjauYUvls7Pb1o4AHnwTxpXrS4o7EqFzI5NepkW LAh6FOybYLJFoANgh9yX7pNxwhsciAnjutanOJYV0TtXtMKc2H WimUm8WerlEFMm0nHdgGABqeKk o sPqz2CHrmJgYM9drr7aPdLw

2. Zero Trust budgets continue to rise no matter the macroeconomics

In an age when budget concerns can drive cost-cutting, Zero Trust spending continues to grow. This year, a full 80% of global survey respondents report budgets for Zero Trust security initiatives increased year over year. That includes 20% whose spending increased by a significant 25% or more.


diCBUo SH4qCKqk1vfwRy4H3GQV66H4r2EDW KyV3eAIgfqRNsx5nFnl5f7GFLWkWdxvmzeU9TR0VeZ8gWNLTL5M4dLQGZ0Po 8i6yQNX4lYhUTUqQifu q5oyYLd1M6I GNAUVyboY4mD79p 7dEKo

3. Identity is mission critical for Zero Trust

One of the biggest shifts from our last report centres on Identity’s role in our respondents’ overall security strategies. Last year, 27% of global respondents said Identity was “extremely” important; this year that number has nearly doubled, to 51%.

North America leads the way, with 64% of respondents rating Identity as “extremely important” to their Zero Trust security strategies. But across all regions, the total importance of Identity (either “extremely” or “somewhat” important) is both high and consistent, ranging from 90% in APJ (Japan and Australia) to 96% in North America. 


nausf50CPUNAW uW9TZHrS3DuE TXIeGd Agt9xLe6pFRM7t SArT2FcPsQBsx0Hzwcpam7KcCLmghxNS2F1v4LLAXWpdLDEoeka ubRCAw 0yfQ1yo75C8YxIHpfW24xIkdrMwCIq9PnTPZmg5SNiQ

4. Challenges to Zero Trust adoption remain

This year, respondents cited “cost concerns”, “technology gaps”, and “privacy regulations/data security” as their biggest hurdles for enacting Zero Trust security initiatives. 


 t9HXLYDcm6S7YYuETP ptEWScCAOw83Qy26DwnaNpiLne6iruGEfGntEwYbMfU5j7AlZ2I5GZS2j5Lt1UKW9MWiNVJqF97It1gpERh9WriwDW nxOUrvyYNQEpfjIUnFEWmWJLWghtu GoVGfRZ4iQ

Additional highlights and insights

The report includes additional insightful takeaways, such as:

  • Survey results broken down by region, industry, and company size
  • Top security concerns, including an unusual favourite this year
  • How organisations are balancing security with usability
  • The specific Zero Trust solutions that respondents plan to implement
  • Tips for rolling out a Zero Trust strategy for your organisation

Three decades in the making, Zero Trust is now a business imperative for organisations around the world.

To learn more about the state of Zero Trust security today, read our full report.

These materials and any recommendations within are not legal, privacy, security, compliance, or business advice. These materials are intended for general informational purposes only and may not reflect the most current security, privacy, and legal developments nor all relevant issues. You are responsible for obtaining legal, security, privacy, compliance, or business advice from your own lawyer or other professional advisor and should not rely on the recommendations herein. Okta is not liable to you for any loss or damages that may result from your implementation of any recommendations in these materials. Okta makes no representations, warranties, or other assurances regarding the content of these materials. Information regarding Okta's contractual assurances to its customers can be found at