2021 VPN Risk Report

February 18, 2021


For nearly 30 years, VPNs (Virtual Private Networks) have been central to providing remote users with access to the corporate network. Now the digitally transformed world, where zero trust is a must and applications have moved outside the traditional perimeter, has changed that reality.

“Corporate VPN is an aging technology as organizations shift to more cloud-based services…However, in the wake of the global coronavirus pandemic, companies are realizing they have to fundamentally change the way they work.”
– Rob Smith, Senior Director Analyst, Gartner

VPN technologies that were the heart of remote access have become a source of risk, leading organizations to reassess their long-term access strategy and use of VPN. The worldwide surge in remote work due to the COVID-19 pandemic has led to an increase in use of VPN, and thus, expanding the enterprises’ attack surface. Threat actors are targeting VPNs as made evident by the countless new articles about VPN exploits and almost 500 known VPN vulnerabilities listed on the CVE database.

This 2021 VPN Risk Report surveyed 357 cybersecurity professionals, providing insight into the current remote access environment, the state of VPN within the enterprise, the rise in VPN vulnerabilities, and the role that zero trust will play in enabling access to apps going forward.


  • 93% of companies are leveraging VPN services, yet 94% are aware that cybercriminals are targeting VPNs to gain access to network resources.
  • 72% of organizations are concerned that VPN may jeopardize IT’s ability to keep their environments secure.
  • 67% of enterprises are considering a remote access alternative to a traditional VPN.
  • Today, 72% of companies are prioritizing the adoption of a zero trust model, while 59% have accelerated their efforts due to the focus on remote work.

Many thanks to Zscaler for supporting this important research project.

We hope you find this report informative and helpful as you continue your efforts in protecting your IT environments.

Thank you,

Holger Schulze
CEO and Founder, Cybersecurity Insiders

Price: FREE

About the Provider

Zscaler is a global cloud-based information security company that provides Internet security, web security, firewalls, sandboxing, SSL inspection, antivirus, vulnerability management and granular control of user activity in cloud computing, mobile and Internet of things environments.


ransomware, Remote access, security vulnerabilities, VPN Risk