As Cloud Adoption Rises, Security Costs and Data Breaches Grow
To meet compliance requirements and combat the rising threat of data breaches, global enterprises intend to spend more on security this year. And as cloud adoption picks up, data sovereignty grows as a hot topic among security executives — with encryption as the top choice to satisfy local data privacy laws.
These are two of the key findings in the recent 2017 Thales Data Threat Report, which uncovered a mix of good and bad news for enterprises and security vendors alike. The study, based on a global survey of over 1,100 senior security executives conducted in October and November 2016 by 451 Research, targets key segments like the federal government, retail, finance and health care in the U.S., U.K., Germany, Japan and other regional markets.
Cloud Adoption Sparks Enhanced Security
For security vendors, one encouraging sign is that the vast majority of enterprises are actively investing in better protection. Nearly three out of four (73 percent) of Thales survey respondents expect to boost security spending in the next 12 months, marking a significant increase from 58 percent a year ago. Compliance concerns are the primary driver of rising security expenditures, the survey notes, followed by a desire to implement best practices.
Despite the focus on strong security, however, data breaches remain a major problem. Roughly one in four (26 percent) of respondents said their organizations experienced a breach in the last year, up from 21.7 percent in 2016. It’s not hard to see why one in three respondents said their enterprise is either very vulnerable or extremely vulnerable to data breaches.
So why all the fear? The Thales study offers one possibility: The security measures organizations have taken in the past are no longer effective at stopping modern breaches.
For instance, network and end-point security topped the list of planned spending categories, but in terms of effectiveness, end-point security ranked at the bottom in preventing data theft and breaches, the report notes.
Confidence Needed to Meet Demands
IT professionals’ lack of confidence in security measures is seen in other recent studies as well. For instance, in a 2016 survey of 700 security professionals by CyberEdge Group and Tenable Security Networks, respondents across multiple industry segments gave their cybersecurity confidence a C- grade.
There’s hope, however. Many organizations are ironing up their security confidence by partnering with a managed security service provider or external network security firm.
Consider that trend along with these other key findings from the 2017 Thales Data Threat Report:
- The vast majority of respondents (88 percent) feel somewhat vulnerable to data threats, down slightly from 90 percent in 2016 but still alarmingly high.
- Over 57 percent of respondents claim full knowledge of where sensitive data is stored, up significantly from 42 percent last year. The report calls this a “departure from both practical experience and anecdotal evidence.”
- The main reasons why organizations don’t adopt more aggressive data security solutions involve complexity (50.4 percent) followed by lack of staff (36 percent).
- Four out of 10 respondents are using Docker containers for production applications. However, nearly half cite security concerns as the top barrier to broader Docker adoption.