Advertisement Advertisement

 

 

Thales has announced the results of its 2017 Thales Data Threat Report, issued in conjunction with 451 Research. Sixty-eight per cent of respondents have experienced a breach with 26 per cent experiencing a breach in the last year. 

 

The report, which is in its fifth year, polled 1,100 senior IT security executives at large enterprises around the world and indicates an ongoing disconnect between the security solutions organizations spend money on and the ability of those solutions to protect sensitive data. While 30 per cent of respondents classify their organizations as “very vulnerable” or “extremely vulnerable” to data attacks (and the number of breaches continues to rise) the two top spending priorities are network (62 per cent) and endpoint (56 per cent) protection solutions. Counter intuitively, spending on data-at-rest solutions (46 per cent) comes last.

 

Garrett Bekker, Senior Analyst, Information Security, 451 Research and author of the report, says, “One possible explanation for this troubling state? Organizations keep spending on the same solutions that worked for them in the past but aren’t necessarily the most effective at stopping modern breaches. Data protection tactics need to evolve to match today’s threats. It stands to reason that if security strategies aren’t equally as dynamic in this fast-changing threat environment, the rate of breaches will continue to increase.”

 

The reasons behind security spending decisions are varied, but the key driver remains constant: compliance. Almost half (44 per cent) of respondents list meeting compliance requirements as their top spending priority, followed by best practices (38 per cent) and protecting reputation/brand (36 per cent). While compliance regulations provide a data security blueprint, they are by no means are the only consideration when building a security strategy robust enough to withstand today’s sophisticated attackers.

 

All vertical industries polled identified cybercriminals as the top threat (44 per cent), followed by hacktivists (17 per cent), cyberterrorists (15 per cent) and nation-states (12 per cent). With respect to internal threats, 58 per cent of respondents believe privileged users are the most dangerous insiders (a slight decrease from last year’s 63 per cent). At 44 per cent, executive management is seen as the second-most-risky insider, followed by ordinary employees (36 per cent) and contractors (33 per cent).

 

Peter Galvin, Vice-President of Strategy, Thales e-Security, says, “Enterprises today must inevitably confront an increasingly complicated threat landscape. Our world, which now includes the cloud, big data, the IoT and Docker, calls for robust IT security strategies that protect data in all its forms, at rest, in motion and in use. Businesses need to invest in privacy-by-design defence mechanisms – such as encryption – to protect valuable data and intellectual property and view security as a business enabler that facilitates digital initiatives and builds trust between partners and customers.”

Advertisement