- With data breaches on the rise, organizations are increasingly turning to cloud, big data, Internet of Things (IoT), container, blockchain and/or mobile environments, recent research shows. Furthermore, over half of surveyed entities are focusing on endpoint and mobile security technology to keep data safe.
The 2018 Thales Data Threat Report found that 94 percent of senior executives across the globe are turning to new digital technologies. Respondents were in numerous industries, including healthcare, IT, financial services, and government.
Approximately one-third of organizations (36 percent) were breached in the last year, which is an increase from the 26 percent that said the same in last year’s report. Forty-four percent of respondents added that they feel “very” or “extremely” vulnerable to data threats.
"From cloud computing, to mobile devices, digital payments and emerging IoT applications, organizations are re-shaping how they do business – and this digital transformation is reliant on data,” Thales eSecurity Chief Strategy Officer Peter Galvin said in a statement.
“We're now at the point where we have to admit that data breaches are the new reality, with over a third of organizations suffering a breach in the past year,” Galvin continued. “In this increasingly data-driven world it is therefore hugely important to take steps to protect that data wherever it is created, shared or stored."
Data-at-rest security solutions (77 percent), network security (75 percent), and data-in-motion (75 percent) were listed as the most effective options for data breach prevention. However, 57 percent of respondents said their organization was spending the most on endpoint and mobile security technologies.
Half of those surveyed said that analysis and correlation tools were the top investment area for their organization. Forty percent of respondents stated that data-at-rest security solutions were the top priority.
Data encryption was also an increasingly popular option that entities are beginning to consider, the report found.
Forty-four percent of respondents said data encryption was the top tool for increased cloud usage, while 48 percent stated encryption was key for protecting IoT deployments.
Thirty-five percent of those surveyed reported that data encryption was needed to help fuel big data adoption.
Data encryption was the top desired data security purchase to be made in the next year, the research showed. Forty-two percent of respondents also said that encryption was necessary for meeting new privacy requirements such as the European Union General Data Protection Regulation (GDPR).
451 Research Information Security Principal Security Analyst Garrett Bekker explained that the digital transformation is “creating new attack surfaces and new risks that need to be offset by data security controls.
“While times have changed, security strategies have not – security spending increases that focus on the data itself are at the bottom of IT security spending priorities, leaving customer data, financial information and intellectual property severely at risk,” stated Bekker, who authored the Thales report. “If security strategies aren't equally as dynamic in this fast-changing threat environment, the rate of breaches will continue to increase."
Leveraging encryption options and access controls will be essential for stronger data security, researchers suggested. Organizations should also look into security analytics and multi-factor authentication solutions, according to the research team.
Healthcare organizations are continuing to invest in cybersecurity solutions, with data encryption and application security top focus areas.
A 2017 Infoblox survey of healthcare IT and security professionals in the UK and US found that 36 percent of respondents said they invested in application security to secure web applications, operating systems, and software.
Half of the US IT and security respondents said their company invests in encryption software, while 36 percent of those surveyed in the UK said they pay for encryption solutions.
Anti-virus software (60 percent) and firewalls (50 percent) were the top two cybersecurity investments, the survey found.
Healthcare IoT security was also a top concern, with 20 percent of respondents saying they had over 5,000 devices on their network. Eleven percent of US security professionals stated that they don’t think their current security policy for newly connected devices is effective, with 15 percent of UK respondents believing the same.
Overall though, 85 percent of those surveyed said they are spending more in cybersecurity, with 12 percent of respondents stating their cybersecurity spending increased by over 50 percent.
“Across the UK and US, healthcare IT professionals are facing growing challenges in securing their networks and devices, with our research highlighting diverse issues ranging from vulnerabilities in medical devices to outdated operating systems and unenforceable security policies,” the researchers wrote. “However, cybersecurity investment is increasing across the board, providing the opportunity for great improvement if deployed effectively.”