Digitally transformative technologies are shaping the way we do business, with 94pc of organisations using sensitive data in cloud, big data, IoT, container, blockchain and/or mobile environments, according to the 2018 Thales Data Threat Report, Global Edition, by the cybersecurity and data security product firm Thales with analyst firm 451 Research. Four in ten, 42pc of organisations use more than 50 SaaS applications, 57pc use three or more IaaS vendors, and 53pc use three or more PaaS.
– 99pc are using big data
– 94pc are implementing IoT technologies
– 91pc are working on or using mobile payments
This rush has created more attack surfaces and new risks for data that need to be offset by data security controls. The extent and impact of increased threats is most clearly shown in levels of data breaches and vulnerability, thefirms suggest. In 2018, 67pc of respondents were breached, with 36pc breached in the last year – a marked increase from 2017, which saw 26pc breached in the last year; hence, 44pc of respondents feel “very” or “extremely” vulnerable to data threats.
As for what works best to protect data, 77pc of respondents cite data-at-rest security solutions as being most effective at preventing breaches, with network security (75pc) and data-in-motion (75pc) close behind. Despite this, 57pc of respondents are spending the most on endpoint and mobile security technologies, followed by analysis and correlation tools (50pc). When it comes to protecting data, the gap between perception and reality is apparent, with data-at-rest security solutions coming in at the bottom (40pc) of IT security spending priorities.
This disconnect is also reflected in organisations’ attitude towards encryption, a key technology with a proven track record of protecting data. While spending decisions don’t reflect its popularity, respondents still express a strong interest in deploying encryption. Four in ten, 44pc cite encryption as the top tool for increased cloud usage; 35pc believe encryption is necessary to drive big data adoption – only three points behind the top perceived driver, identity technologies (38pc), and one point behind the second (improved monitoring and reporting tools, at 36pc); 48pc cite encryption as the top tool for protecting IoT deployments, and 41pc as the top tool for protecting container deployments. Encryption is also cited as the top tool (42pc) for meeting new privacy requirements such as the European Union General Data Protection Regulation (GDPR)
Garrett Bekker, principal security analyst, information security at 451 Research and author of the report says: “This year we found that organizations are dealing with massive change as a result of digital transformation, but this change is creating new attack surfaces and new risks that need to be offset by data security controls. But while times have changed, security strategies have not – security spending increases that focus on the data itself are at the bottom of IT security spending priorities, leaving customer data, financial information and intellectual property severely at risk. If security strategies aren’t equally as dynamic in this fast-changing threat environment, the rate of breaches will continue to increase.”
And Peter Galvin, chief strategy officer, Thales eSecurity says: “From cloud computing, to mobile devices, digital payments and emerging IoT applications, organisations are re-shaping how they do business – and this digital transformation is reliant on data. As is borne out by our 2018 Data Threat Report, we’re now at the point where we have to admit that data breaches are the new reality, with over a third of organisations suffering a breach in the past year. In this increasingly data-driven world it is therefore hugely important to take steps to protect that data wherever it is created, shared or stored.”
