The rush to embrace new digital environments across many industries has created more attack surfaces and new risks for data that need to be offset by data security controls, according to a new report from San Jose, Calif.-based security company Thales.
The report, issued in conjunction with analyst firm 451 Research, noted that digitally transformative technologies are shaping the way organizations do business and moving them to a data-driven world, with 94 percent of organizations using sensitive data in cloud, big data, IoT, container, blockchain and/or mobile environments. Survey respondents were in various industries, including healthcare, IT, financial services, and government.
Indeed, the researchers noted that “Digital transformation is driving efficiency and scale as well as making possible new business models that drive growth and profitability. Enterprises are embracing this opportunity by leveraging all that digital technology offers, with adoption at record levels.”
As such, more attack surfaces and new risks for data have emerged. The extent and impact of increased threats is most clearly shown in levels of data breaches and vulnerability: in 2018, 67 percent of study respondents were breached, with 36 percent breached in the last year—a marked increase from 2017, which saw 26 percent breached in the last year; consequently, 44 percent of respondents feel "very" or "extremely" vulnerable to data threats, according to the report’s data.
But while times have changed with respect to technological advancements, security strategies have not– in large part because spending realities do not match up with what works best to protect data, the researchers stated. Indeed, the data showed:
- 77 percent of respondents cite data-at-rest security solutions as being most effective at preventing breaches, with network security (75 percent) and data-in-motion (75 percent) following close behind
- Despite this, 57 percent of respondents are spending the most on endpoint and mobile security technologies, followed by analysis and correlation tools (50 percent)
- When it comes to protecting data, the gap between perception and reality is apparent, with data-at-rest security solutions coming in at the bottom (40 percent) of IT security spending priorities
“This year we found that organizations are dealing with massive change as a result of digital transformation, but this change is creating new attack surfaces and new risks that need to be offset by data security controls,” said Garrett Bekker, principal security analyst, information security at 451 Research and author of the report. “But while times have changed, security strategies have not—security spending increases that focus on the data itself are at the bottom of IT security spending priorities, leaving customer data, financial information and intellectual property severely at risk. If security strategies aren't equally as dynamic in this fast-changing threat environment, the rate of breaches will continue to increase."
