IT Brief Canada - Technology news for CIOs & IT decision-makers
Canada

Guides

#
artificial intelligence
#
digital transformation
#
disaster recovery
#
hybrid & remote work
#
internet of things

Search

Secure digital network interconnected nodes lock icons protected pathways legacy it shadow
#
Advanced Persistent Threat Protection
#
IAM
#
Zero Trust Security

Zero Trust delivers security gains but AI adoption lags behind

Fri, 10th Oct 2025
Author image
By Jed Nykolle Harme, Editor

Research from DXC Technology and Microsoft has found that while many organisations have adopted Zero Trust security frameworks, only a minority are currently using artificial intelligence to enhance their cyber defences.

The global study, which involved interviews with more than one hundred cybersecurity experts across four continents, revealed that 83% of organisations using Zero Trust have experienced a reduction in security incidents. However, just 30% of those surveyed reported using AI-powered authentication tools, indicating a substantial gap between adoption of core Zero Trust measures and the integration of advanced AI security technologies.

Zero Trust adoption

Zero Trust has increasingly become the prevailing model for safeguarding digital environments against emerging threats. The research indicates that the framework delivers measurable benefits: organisations reported not only fewer security incidents, but also lower overall remediation and support costs when adopting a Zero Trust approach. Despite these advantages, many cited difficulties in advancing their efforts, particularly in integrating newer technologies such as AI.

A key insight from the findings is the prevalence of legacy IT infrastructure as a barrier. The report states that 66% of organisations view legacy systems as the biggest challenge to fully implementing Zero Trust. Such systems, often outdated or incompatible with contemporary security tools, can hinder efforts to modernise and automate defences.

Drivers for change

The evolving nature of cyber threats is a primary motivator for continuous improvement of security policies. The study found that 72% of enterprises identify new threats as the leading factor driving ongoing enhancement of Zero Trust practices. The increasing use of AI by malicious actors has contributed to the urgency for businesses to update their security frameworks and to consider using AI as a defensive tool as well.

Commenting on the findings, Dawn-Marie Vaughan, Global Offering Lead Cybersecurity, DXC, said:

"Zero Trust is increasingly viewed as the standard going forward. As AI-driven threats accelerate, organizations must evaluate security holistically across identity, devices, networks, applications, and data. At DXC, we're helping customers embed Zero Trust into their culture and technology to safeguard operations. Our end-to-end expertise makes it possible to both defend against AI threats and harness secure AI in the same decisive motion."

Another significant outcome highlighted by the survey is the unexpected benefit of Zero Trust in terms of user experience. More than half of respondents discovered that beyond improving security, implementing Zero Trust architectures also contributed to a smoother and more predictable experience for end-users, reducing friction in day-to-day digital operations.

Integration challenges

The interplay between established technology providers and specialist security partners appears central to effective Zero Trust adoption. Alex Simons, Corporate Vice President for Microsoft Entra, commented on the role that platforms such as Microsoft Entra ID and Microsoft 365 play in this ecosystem.

"Most enterprises already rely on Microsoft Entra ID and Microsoft 365 as the backbone of their IT environments. Building Zero Trust solutions alongside DXC extends that value, enabling tighter integration, simplified operations, and greater visibility and control. By consolidating around the Microsoft stack, organizations can reduce complexity, cut costs, and accelerate their Zero Trust journey."

The research underscores that Zero Trust must be seen as an evolving programme rather than a fixed solution. While the framework brings clear benefits, managing it effectively requires not only initial investment but also ongoing cultural change, continuous threat monitoring, and strong partnerships with technology experts. The findings recommend starting with core elements such as identity management, and then building towards broader integration and advanced automation, particularly through collaboration with experienced partners.

AI and future direction

Despite widespread recognition of AI's potential in cybersecurity, only a minority have put these capabilities to use, especially in high-value areas such as authentication. With cyber threats becoming more complex and AI increasingly weaponised by attackers, security leaders are under pressure to close this gap. The report calls for a phased approach to adoption, leveraging AI where possible while maintaining robust governance and oversight, in part by ensuring that AI-driven decisions always include a role for expert human judgement.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Kyndryl launches agentic AI services to reshape workplace roles
Sage unveils Intacct AI automation upgrades for finance teams
Google unveils Private AI Compute for secure cloud-based AI tasks
Phishing kits & steganography drive new wave of email threats
HPE launches GX5000 supercomputers to power next-gen AI research

Top stories

Microsoft to enable in-country Copilot data processing by 2026
Safe Software passes USD $100M revenue as growth accelerates
BDO Digital named finalist for 2025 Microsoft Americas award
Canadian SMBs lose growth due to tool overload & missed AI gains
Beyond Bloom: Why transformation, not creation, represents the peak of learning in the AI era