Did you know that a hacker can crack your password in less than 1 second? Or that the number of security breaches has increased by 91% since 2023? Traditional protection measures have stopped being sufficient to safeguard a company’s data, especially when telecommuting has become the daily norm for many businesses. This is where the Zero Trust model comes into play.
A Zero Trust solution presents itself as a strategic advantage against the growing rise of cybercrime. This breaks with perimeter-based security standards. With this, every access to a network must be verified, regardless of its location. But… what is the current state of its adoption and why does your company need it?To better understand the importance of Zero Trust solutions, we have compiled some of the most relevant cybersecurity statistics and the use of Zero Trust in 2025.
Most relevant Zero Trust statistics (2025)
- The number of security breaches has multiplied by 12 since 2023 (Surfshark)
- The cost of a security breach in 2024 was 4.88 million USD. (IBM)
- In 2025, the Zero-Trust market has reached a value of 41.4 trillion USD and will reach 144.4 trillion in 2033.
- The annual growth rate (CAGR) of the Zero Trust market is estimated at 16.9%.
- 63% of organizations worldwide have implemented a Zero Trust model, either fully or partially. (Gartner)
- The financial industry and the software sector lead the adoption of a Zero-Knowledge architecture. (Okta)
- The 90% of companies that have migrated to the cloud have adopted a Zero Trust architecture.
The United States is the region with the largest Zero Trust market, while the Asia-Pacific region has the highest growth of this type of security architecture. (MordorIntelligence)
Security breaches are the biggest drivers of the Zero Trust model
According to a recent report by Entrust, the risk of a security breach -or cyber breach- is the main reason why companies choose to implement a Zero Trust architecture.
Globally, 37% of organizations admit to having implemented Zero Trust security due to fear of a possible security breach. The number increases exponentially in the US, where 50% of respondents cite adopting the Zero Trust model due to cyber breaches.
Below are the main reasons for adopting the Zero Trust model globally:
- Security breaches: 37%
- Expansion of the attack surface: 30%
- Regulations and security standards: 33%
(Source: Entrust)
There is a 91% increase in security breaches compared to 2023
According to a study conducted by Surfshark, security breaches have multiplied exponentially in recent years. In 2024,5.5 billion accounts globally were compromised, 3 times more than in 2023.
However, the numbers have skyrocketed by 2025, reaching 8.3 billion compromised accounts. If we analyze these numbers over a timeline, we will reach the alarming conclusion that to date there are 12 times more security breaches than two years ago.
This is the number of compromised accounts in security breaches from 2023 to 2025:
- 2023: 730 million breaches.
- 2024: 5.5 billion breaches.
- 2025: 8.3 billion breaches.
(Source: Surfshark)
(Source: Surfshark)
A security breach costs 5 trillion dollars
The growth of security breaches leads to a high cost for those companies and organizations that are victims of them. According to a report by IBM, a security breach generates an approximate expense of 4.88 trillion dollars.
Next, we provide a table showing the global cost of a security breach over the past years:
(Source: Zero Threat)
| Year | Average cost of a security breach (in USD) | % change from previous year |
|---|---|---|
| 2024 | 4.88 million dollars | 9.66% |
| 2023 | 4.45 million dollars | 2.30% |
| 2022 | 4.35 million dollars | 2.59% |
| 2021 | 4.24 million dollars | 9.84% |
| 2020 | 3.86 million dollars | -1.53% |
| 2019 | 3.92 million dollars | 1.55% |
| 2018 | 3.86 million dollars | 6.62% |
| 2017 | 3.62 million dollars | n/a |
Zero Trust Market Growth
With the exponential rise in cyberattacks, companies are opting to abandon perimeter-based security models in favor of more dynamic and identity-centered approaches.
The market expansion is driven by the widespread adoption of cloud services as well as by the growth of remote work, largely resulting from the COVID-19 pandemic.
According to a study conducted by Market.US, the Zero Trust market has reached a value of 41.4 trillion dollars and, with an annual growth rate (CAGR) of 16.9%, it will reach 144.4 trillion in 2033.
This is the growth (in trillions of dollars) experienced by the Zero Trust market since 2023:
- 2023: 30.3$ trillion USD.
- 2024: 35.4$ trillion USD.
- 2025: 41.4$ trillion USD.
- 2026*: 48.4$ trillion USD.
- 2027*: 56.6$ trillion USD.
- 2028*: 66.1$ trillion USD.
- 2029*: 77.3$ trillion USD.
- 2030*: 90.4$ trillion USD.
- 2031*: 105.7$ trillion USD.
- 2032*: 123.5$ trillion USD.
- 2033*: 144.4$ trillion USD.
(*estimated)
(Source: Market.US)
63% of organizations globally have adopted the Zero Trust model
A recent report created by Gartner concludes that, by 2025, the majority of organizations worldwide have developed some type of Zero Trust strategy. Of these, 63% have already implemented it into their company’s workflow, either fully or partially.
(Source: Gartner)
The financial and software sectors lead the adoption of the Zero Trust model
The report* The State of Zero Trust 2023 *from Okta offers really interesting data regarding the adoption of the Zero Trust architecture. In one of its surveys, different sectors (Public, Health, Financial Services, and Software) were asked whether their company already had a Zero Trust solution or if they planned to incorporate one in the next 12-18 months.
The results clearly show how the financial sector and the software are the ones not only with greater adoption of the Zero Trust model (71% and 69% respectively), but also those most interested in implementing it in the coming months.
Question: Does your organization currently have a defined Zero Trust security initiative, or are you planning to start one in the next 12 to 18 months?
(Source: Okta)
| Health | Public Sector | Financial Services | Software |
|---|---|---|---|
| No or not yet | 4% | 4% | 0% |
| In the next 13-18 months | 11% | 9% | 8% |
| In the next 6-12 months | 38% | 29% | 22% |
| Already has one | 47% | 58% | 71% |
The implementation of multifactor authentication (MFA) is the top priority for companies
The adoption of the Zero Trust philosophy has changed the way companies validate the identity of their employees. Thanks to the data collected by Okta, we can see how different sectors of the industry have adopted this security model:
- In the healthcare sector: Multifactor authentication (MFA) for external users, MFA for employees, and directory connection with cloud applications.
- In the public sector: MFA for external users, secure access to APIs, and MFA for employees.
- In financial services: MFA for employees, MFA for external users, and privilege management for cloud infrastructure.
- In software: MFA for employees, secure access to APIs, and MFA for external users.
If we analyze in detail the data collected in the report* *The State of Zero Trust 2023, we can see how multifactor authentication (MFA) followed by secure access to APIs and privilege management in the cloud are the top priorities for companies.
Next, we detail the results of the survey:
Question: Which of these security initiatives is a priority for your company in the next 12-18 months?
(Source: Okta)
| High Priority | Medium Priority | Low Priority |
|---|---|---|
| Multifactor authentication (MFA) for employees | 42% | 44% |
| Secure access to APIs | 42% | 43% |
| Privilege management for accessing the cloud | 42% | 42% |
| Connection of employee directory to the cloud | 40% | 45% |
| Creation of context-based access policies | 38% | 48% |
| Automation of provisioning/deprovisioning for employees | 37% | 46% |
| Automation of provisioning/deprovisioning for external users | 37% | 46% |
| Implementation of passwordless access | 37% | 42% |
| Implementation of single sign-on (SSO) for employees | 37% | 42% |
| Implementation of single sign-on (SSO) for external users | 36% | 45% |
| Implementation of multiple factors |
through user groups | 35% | 49% | 13% | | | Implementation of multifactor authentication (MFA) for external users | 35% | 45% | 16%
| |
77% of companies that have implemented the Zero Trust model have done so on their premises
A recent study created by Zscaler shows us how the Zero Trust model has been implemented more frequently on-premises than in the cloud. In fact, the market share for both is 77% and 23% respectively.
This clear preference *on-premises *is largely due to the fact that implementing the Zero Trust architecture on the company’s own premises helps keep all types of sensitive information within the same organization.
(Source: Zscaler)
90% of companies that have migrated to the cloud have adopted the Zero Trust model
According to the study The State of Zero Trust Transformation by Zscaler, more than 90% of businesses that have migrated to the cloud have implemented or are in the process of implementing a Zero Trust security architecture.
The report highlights that, of all respondents, only 22% of IT leaders are “completely confident” that their organization is leveraging the potential of its cloud infrastructure. This is why they have decided to adopt the Zero Trust model.
The same study also points out that 68% of organizations believe it is not possible to make a completely secure leap to the cloud using legacy network security infrastructures. The same number also states that Zero Trust Network Access (ZTNA) is much more secure than any traditional firewall and VPN.
(Source: Zscaler)
Adoption of the Zero Trust Model by Country
More than 60% of organizations and companies worldwide have adopted or are beginning to adopt a Zero Trust security architecture. However, this implementation is not the same across different geographic regions.
According to the State of Zero Trust & Encryption Study 2024 report by Entrust, the countries with the highest adoption of the Zero Trust model are Japan, Singapore and United Arab Emirates.
Below, we present the percentage of companies and organizations that have implemented the Zero Trust model by their country.
- United States: 48%
- United Kingdom: 44%
- Canada: 54%
- Germany: 53%
- United Arab Emirates: 70%
- Australia / New Zealand: 68%
- Japan: 73%
- Singapore: 72%
- Saudi Arabia: 70%
(Source: Entrust)
Conclusion
The Zero Trust security model -or Zero Trust- is, as of today, the best way to protect a company both in its facilities and in hybrid and multicloud environments.
The alarming rise of security breaches and attack vectors -both internal and external- is following an exponential curve that will not give us a break in the coming years. This is why it is so important to adopt a proactive security approach, where monitoring and identity management play a fundamental role in mitigating threats.
The vast majority of organizations worldwide -regardless of their size, location, or sector- have already begun to implement this architecture. While it is true that its adoption can be challenging without the right software, data supports that thanks to Zero Trust, companies will significantly reduce the risk of breaches and will manage to protect their critical assets by 2025.