By Tomáš Foltýn
Organizations from various industries across the
globe are increasingly hip to the magnitude of the problem posed by data
breaches, with 44% of them feeling “very” or “extremely” vulnerable to data
threats, according to some of the key takeaways from the global edition of
Thales’ 2018 Data Threat
Report.
This is a sharp increase from 30% just one year
ago. In the United States alone, the ratio nearly doubled – from 29% to a full
53% this year. In total, 91% – up from 88% in the 2017 report – admitted to feeling some degree of
vulnerability to data breaches.
The report, now in its 6th edition,
sheds light on the extent of data breaches at medium and larger enterprises
worldwide. The report is underpinned by a survey that Thales, a French
multinational aerospace and defense technology provider, carried out together
with 451 Research. It polled 1,200 senior IT executives from various sectors in
Germany, Japan, India, the Netherlands, Sweden, South Korea, the United
Kingdom, and the US.
A record-high proportion of organizations worldwide
(67%) said that they had been breached at some point, up from 56% in the
report’s previous edition.
When only the past 12 months are considered, as
many as 36% of organizations globally (and 46% percent in the US alone) have suffered a breach. This is up from 26 percent worldwide in the
report’s previous edition. A total of 15% of enterprises have had this
experience repeatedly, having suffered breaches both in the last year and
earlier.
New environments, new challenges
The increased exposure to data threats in general
comes in part down to the rush to adopt new environments that engender fresh
risks. Also to blame, according to Thales, is “a failure to adopt modern data
security methods for existing data sets”.
Virtually all organizations have embraced cloud technology. Big data (99%), the Internet-of-Things (IoT) technologies (94%) and Blockchain (92%) are also inching close to universal adoption.
Nearly all (94%) enterprises use sensitive data within such digitally
transformative technologies.
The report suggested a three-pronged approach to
stem the tide of data breaches – data encryption, access control on a need-to-know basis, and keeping a close
eye on data usage and access patterns.
It found that the greatest proportion of the
respondents (77%) rated data-at-rest defenses (encryption, tokenization, etc.) as the most effective tool for protecting data. And yet, from among five types of technology
under review, data-at-rest security receives the lowest increase in planned
spending.
The report also notes two legislative landmarks
that have been introduced by the EU. The General Data Protection Regulation (GDPR) affects any company
processing or collecting the data of a European Union citizen, regardless of
where the company is based. The revised Payment Services Directive (PSD2), for its part, is
effectively breaking down the monopoly of banks on their customers’ data.