A rush to digital transformation is putting sensitive data at risk worldwide, according to Thales, the cyber security product company, in its 2019 Data Threat Report – Global Edition, with research and analysis from IDC. As business embraces new technologies, such as multi-cloud deployments, they are struggling to implement proper data security, the report suggests.
Near all, 97 percent of the survey respondents reported their organisation was already under way with some level of digital transformation and, with that, confirmed they are using and exposing sensitive data. Aggressive digital transformers are most at risk for data breaches, but, the study finds that three in ten of respondents (30pc) are using encryption. The study also found a few key areas where encryption adoption and usage are above average: IoT (42 per cent), containers (47pc) and big data (45pc).
As companies move to the cloud or multi-cloud use as part of their digital transformation, protecting their sensitive data is becoming increasingly complex. Nine out of 10 respondents are using, or will be using, some type of cloud, and 44pc rated complexity of that as a perceived barrier to having proper data security measures. In fact, this complexity is ahead of staff needs, budget restraints and securing organisational buy-in.
Globally, most, 60pc of organizations say they have been breached at some point, with 30pc experiencing a breach within the past year alone. In a year where breaches regularly appear in headlines, the United States had the highest number of breaches in the last three years (65pc) as well as in the last year (36pc). The bottom line according to the study is that whatever technologies a business deploys to make digital transformation happen, the easy and timely access to data puts this data at risk internally and externally. Most, 86pc, feel vulnerable to data threats; this does not always translate into security best practices as evidenced by the less than 30pc of respondents using encryption as part of their digital transformation strategy.
Frank Dickson, research vice president for security products research at IDC says: “Our research shows that no organisation is immune from data security threats and, in fact, we found that the most sophisticated organisations are more likely to indicate that they have experienced a data security breach. This trend is consistent no matter how we define the sophistication of the audience: those who are spending more on IT security, those for whom data security is a larger portion of their security budget, or those who are further along in their digital transformation journey.”
And Tina Stewart, vice president of market strategy at Thales eSecurity says: “Data security is vitally important. Organisations need to take a fresh look at how they implement a data security and encryption strategy in support of their transition to the cloud and meeting regulatory and compliance mandates. As our 2019 Thales Data Threat Report shows, we have now reached a point where almost every organisation has been breached. As data breaches continue to be widespread and commonplace, enterprises around the globe can rely on Thales to secure their digital transformation in the face of these ongoing threats.”
Comment
Javvad Malik, security advocate at AlienVault, said: “The use of live customer data or sensitive data in test environments isn’t necessarily a new phenomenon. Historically, when developing on-premises technology platforms, security departments have had to deal with over-zealous developers wanting to use production data for testing. While, for some types of data it is necessary to use a sample of real data, there are many techniques and technologies in place where either dummy data could be used, or sensitive data can be obfuscated to the point where it is adequate for testing, yet would not lead to a breach if exposed.
“As we’ve seen with cloud environments such as AWS S3 buckets, it is all too easy to leave them inadvertently exposed to the public, and using sensitive information in these environments is a ticking time bomb.”
