Zero-trust security spending and software-as-a-service (SaaS) network security revenue skyrocketed in the third quarter of 2021 due to pent-up demand, new security threats, and digitization efforts, according to a Dell’Oro Group report.

“Interest in zero trust has exploded due to the numerous high-profile security attacks in the recent past that have shown the inadequacy of the legacy perimeter network architecture, particularly for the remote-user use case,” Mauricio Sanchez, research director of network security at Dell’Oro Group, told SDxCentral in an email.

One of the most notable cyber incidents this year was the Colonial Pipeline ransomware attack. Post-mortem investigations showed stolen VPN credentials allowed the attackers to gain far-reaching access into its network. “Had the strong segmentation of zero trust been in place, it could have helped blunt the attack,” Sanchez added.

Not long after the attack, U.S. President Biden issued a cybersecurity executive order in May requiring federal agencies to embrace zero-trust strategies, “which has further given interest a boost,” he said.

Spending on zero-trust technologies is also on the rise amid an uncommon alignment between customer interests and available vendor technologies in the market. 

Network security vendors that offer zero-trust capabilities such as Zscaler, Cisco, and Palo Alto Networks integrate well with cloud-based IT architectures, so they are “proving to be a good match to the problem set,” Sanchez said. “Classical appliance-driven, perimeter security appliances just no longer work in today’s modern cloud-centric enterprise.”

Those three vendors also were the top network-security providers for the quarter, together capturing nearly 60% of the market, he added. And SaaS-based network security revenue increased 26% year over year to $1.2 billion during the same period, according to the report.

The SaaS-based secure web gateway (SWG) market grew 35% year over year to nearly $600 million in the third quarter, according to Sanchez. The shift toward SaaS-based SWG models started several years ago, and the implementation of SWG-based zero trust architecture, which only works with cloud-delivered or SaaS models, spurred its adoption.

On the other hand, zero-trust capabilities are complementary to SWG’s classic proxy capabilities, while SWG is also embracing cloud access security broker (CASB) and firewall-as-a-service capabilities, Sanchez pointed out.

“While there are vendors who focus on providing just zero-trust capabilities, we see long-term opportunities limited versus those that provide the wider entrée,” he added.

In addition, SaaS-based SWGs are a vital part of a secure access service edge (SASE) architecture. And as Sanchez looks to the future of zero-trust technology developments, “the inclusion of SD-WAN networking is taking place and fuel to the entire SASE conversation.”