Subscribe
About

Security spending is not reflecting new threats

Regina Pazvakavambwa
By Regina Pazvakavambwa, ITWeb portals journalist.
Johannesburg, 29 Jan 2018
While times have changed, security strategies have not, says Thales.
While times have changed, security strategies have not, says Thales.

Driven by escalating cyber attacks, traditional insider threats, privacy requirements and data residency regulations, enterprises around the world are facing increasing pressures to secure their data and reduce the exposure of their organisations to data-related risks.

This is according to a 2018 Thales Data Threat Report, which looks at what organisations are doing about the problems and best practice recommendations of IT security. Thales in partnership with analyst firm 451 Research surveyed 1 200 senior executives across the globe.

The report shows that almost every organisation in the world - 94% - has embraced transformative technologies like the Internet of things, container, blockchain and mobile.

The rush to embrace new environments has created more attack surfaces and new risks for data that need to be offset by data security controls, says the study. It reveals 67% of global enterprises have now been breached - over half of these breached in the last year (36%). Consequently, 44% of respondents feel "very" or "extremely" vulnerable to data threats, adds the report.

While times have changed with respect to technological advancements, security strategies have not - in large part because spending realities do not match up with what works best to protect data, notes Thales.

Although 77% of respondents say data-at-rest solutions are the most effective at preventing breaches, 57% are spending the most on endpoint and mobile security. Data-at-rest solutions were at the bottom of 40% of respondents' security budget priorities.

This disconnect is also reflected in organisations' attitude towards encryption, a key technology with a proven track record of protecting data, says Thales. While spending decisions don't reflect its popularity, respondents still express a strong interest in deploying encryption technologies - 44% cite encryption as the top tool for increased cloud usage, 35% believe encryption is necessary to drive big data adoption, it adds.

"This year we found that organisations are dealing with massive change as a result of digital transformation, but this change is creating new attack surfaces and new risks that need to be offset by data security controls, says Garrett Bekker, principal security analyst, information security for 451 Research and author of the report.

"While times have changed, security strategies have not - security spending increases that focus on the data itself are at the bottom of IT security spending priorities, leaving customer data, financial information and intellectual property severely at risk. If security strategies aren't equally as dynamic in this fast-changing threat environment, the rate of breaches will continue to increase."

Share