AUSTIN, TX – October 28, 2025 – Portnox, a leader in cloud-native zero trust access control and cybersecurity solutions, today announced key findings from its second release of its annual Wakefield Research survey, focusing on the critical role of Network Access Control (NAC) in modern zero trust cybersecurity strategies. The results underscore a complete resurgence of NAC, specifically cloud-based solutions, from legacy tools to an essential zero trust enforcement point.
“This unique, longitudinal view from the top offers security professionals a crucial, evolving benchmark that’s simply not available anywhere else,” said Nathan Richter, Senior Partner, Wakefield Research.
The survey of 200 U.S. CISOs revealed that NAC is experiencing significant renewed interest, driven by cloud-based innovation and the push to achieve true zero trust network security:
- NAC is Critical to Zero Trust: An overwhelming 97% of CISOs consider Network Access Control (NAC) to be a critical component of any zero trust framework, on par with last year’s survey results.
- Perception and Investment Soar: Driven by modern solutions, 93% of CISOs report their perception of NAC has become more positive over the past year. This improved view is translating into budget allocation, with 87% of organizations increasing investment in NAC in 2026 (up from 83% in 2024). This boost is especially pronounced among large enterprises, where 19% of CISOs at companies with $1 billion+ in revenue anticipate a significant increase in investment.
- Cloud is the Catalyst: The primary factor driving this positive shift is the adoption of new technology. 98% of CISOs cited cloud-based NAC solutions as the most influential factor in changing their view of NAC, recognizing its role in easier, more efficient zero trust implementation and faster time to value.
- VPNs are on the Way Out: Security teams are actively phasing out outdated remote access technology. 67% of organizations expect to replace their legacy VPNs within the next year, with 93% planning to phase them out by 2027 in favor of more modern, secure, agile solutions such as ZTNA remote access products.
“The narrative around NAC has fundamentally changed,” said Denny LeCompte, CEO of Portnox. “NAC is no longer a historical control; it is the connective tissue for zero trust, enabling endpoint visibility and policy enforcement at the access layer. The CISO community is recognizing that modern, cloud-native NAC is indispensable.”
The trend confirms that CISOs are leveraging integrated access control solutions to move toward a posture-based, identity-centric security model that supports hybrid environments.
View the survey results here: portnox.com/ciso-perspectives/data-2026.
Related: