Embed Size (px)
Citation preview
www.thales-esecurity.com
2017 THALES DATA THREAT REPORTTrends in Encryption and Data Security
MEXICO AND BRAZIL EDITION
FOCUS ON BRAZIL
2017 THALES DATA THREAT REPORTTRENDS IN ENCRYPTION AND DATA PROTECTION
U.S.
MEXICO
U.K.GERMANY
JAPAN
AUSTRALIABRAZIL
1,100+ SENIOR IT SECURITY EXECUTIVES SURVEYED GLOBALLY | 100 BRAZIL | 500 U.S. | 100 MEXICO, GERMANY, JAPAN, AUSTRALIA, U.K.
Copyright 2017 Thales
RESPONDENTS ORGANIZATIONS (BRAZIL)100% - R$ 300M+ 47% - R$ 1.5 B+20% - R$ 3.1 B+
GARRET BEKKER – PRINCIPAL ANALYST, INFORMATION SECURITY
THE BIG DISCONNECT
“OUR 2017 REPORT FINDS A SITUATION WHERE SPENDING ON IT SECURITY IS SHARPLY INCREASED IN BRAZIL, IN FACT – YET DATA BREACHES ARE ALSO
UP SIGNIFICANTLY.”
“FUNDAMENTAL IT SECURITY STRATEGIES ARE ALSO NOT KEEPING UP WITHTHE PACE OF TECHNICAL CHANGE. 80% OF BRAZILIAN RESPONDENTS
INDICATED THAT NEW TECHNOLOGIES ARE DEPLOYED BEFORE DATA SECURITY IS IN PLACE”
“CLEARLY, THERE’S STILL A BIG DISCONNECT.”
OF BRAZILIAN RESPONDENTS FELT THEIR ORGANIZATIONS WERE VULNERABLE TO DATA THREATS77%WERE VERY OR EXTREMELY VULNERABLE – UP FROM 15% IN 2016 19%
VULNERABILITYTO DATA THREATS IN BRAZIL – THE LOWEST RATE MEASURED
GLOBAL
VULNERABLE VERY/EXTREMELY VULNERABLE
VERY OR EXTREMELY
VULNERABLE
SOMEWHAT OR MORE
VULNERABLE
16%
84%
UNITEDSTATES
REGIONAL
UNITEDKINGDOM
20% 31%45%JAPAN MEXICOGERMANY
90%95%84%
23% 19%
77%
49%
91%
BRAZIL AUSTRALIA
29%
90% 83%
88% 30%
E X P E C T T H E I R S P E N D I N G O N D AT A
S E C U R I T Y T O I N C R E AS E
• UP FROM 73% IN 2016• HIGHEST LEVEL MEASURED
85%75%H AVE E X P E R I E N C E D
A D AT A B R E AC H
• SECOND HIGHEST RATE MEASURED, JUST BEHIND MEXICO AT 78% -GLOBAL AVERAGE 56%
• 28% IN THE LAST YEAR• 9% MORE THAN ONCE
YET …
TOP DRIVERS FOR IT SECURITY SPENDING
IT SECURITY SPENDING PRIORITIES (RATES OF TOP 3 SELECTION)
Uniquely, Brazil was the only country that had
“Increased Cloud Use” as the top reason for
increasing IT Security spending. Globally
“Increased Cloud Use” was 5th at 35% along with
“Data Breach Penalties”
51% INCREASED CLOUD USE
20% DATA BREACH PENALTIES
43% REPUTATION AND BRAND PROTECTION
35% EXECUTIVE DIRECTIVE
30% COMPLIANCE REQUIREMENTS
25% PARTNER AND PROSPECT REQUIREMENTS
24% COMPETITIVE/STRATEGIC CONCERNS
16% PREVIOUS DATA BREACH
TOP DRIVER:
51%INCREASED CLOUD USE
35% IT SECURITY BEST PRACTICES
80%OF BRAZILIAN IT SECURITY PROS SURVEYED ARE CONCERNED THAT THEY ARE DEPLOYING NEW
TECHNOLOGIES IN ADVANCE OF HAVING APPROPRIATE LEVELS OF DATA SECURITY IN PLACE
ALLWILL USE SENSITIVE DATA IN AT
LEAST ONE OF THESE ADVANCED TECHNOLOGY ENVIRONMENTS
51%
20%
47%
55%
21%
35%
65%
57%
BLOCKCHAIN
CONTAINERS
BIG DATA
IOT
PAAS
MOBILE
IAAS
SAASRATES OF SENSITIVE DATA USE BY ENVIRONMENT TYPE
INCREASING SPENDING THE MOST WHERE DEFENSES OFTEN FAIL TO PROTECT DATA
IT SECURITY DEFENSE SPENDING INCREASES
NETWORK
ANALYSIS AND CORRELATIONDATA IN MOTION
END POINT AND MOBILE
69%
55%
64%
70%
56%DATA AT REST
BELIEVE NETWORK SECURITY VERY/ EXTREMELY EFFECTIVE AT PROTECTING DATA
88%+5% FROM 2016
BELIEVE ENDPOINT PROTECTION VERY/EXTREMELY EFFECTIVE AT PROTECTING DATA
89%+13% FROM 2016
…organizations keep spending on the same solutions that worked for them in the past but aren’t necessarily the most effective at stopping modern breaches”
“
Garrett Bekker, 451 Research
… spending on securing internal networks from external threats is less and less effective – and relevant – as both the data and the people accessing it are increasingly external.”
“
DATA PRIVACY AND SOVEREIGNTY IMPACTING ENTERPRISES WORLDWIDE
72% - BRAZIL72% - GLOBAL
Impacted by Data Privacy and Data Sovereignty
ADDRESSING REQUIREMENTS BY:
Data privacy has become a hot topic in light of concerns about government snooping, and not surprisingly a host of new privacy laws and regulations are in the process of being revised or enacted around the world, such as GDPR in Europe, LFPDPPP in Mexico and proposed data protection laws in Brazil.
BRAZIL
GLOBAL
TOKENIZING DATA
LOCAL HOSTING & CLOUD
42%61%
40%39%
ENCRYPTING DATA
MIGRATING DATA
TOKENIZING DATA
LOCAL HOSTING & CLOUD
40%64%
26%36%
ENCRYPTING DATA
MIGRATING DATA
COMPLEXITY AND SKILL SHORTAGESTOP BARRIERS TO DATA SECURITY DEPLOYMENT
LACK OF STAFF TO MANAGE
LACK OF ORGANIZATIONAL BUY IN
35%
44%
31%
35%
27%
COMPLEXITY
POTENTIAL PERFORMANCE IMPACTS
LACK OF PERCEIVED NEED
PERCEIVED BARRIERS TO ADOPTING DATA SECURITY
“…The lack of skilled security staff has been a consistent theme in 451’s research efforts the past few years, and in conjunction with complexity, makes a strong case for data security functionality delivered as a service”
Garrett Bekker451 Research
PERCEPTION OF COMPLEXITY
UNIVERSALLY THE TOP BARRIER
PERCEIVE COMPLEXITY AS THE TOP BARRIER TO ADOPTION DATA SECURITY SOLUTIONS
44%GLOBAL – 50%
27% LACK OF BUDGET
ENTERPRISE CONCERNS WITH CLOUD/SAAS ENVIRONMENTS
77% – BRAZIL SECURITY BREACHES/ ATTACKS AT CSP59% – GLOBAL
76% – BRAZIL57% – GLOBAL
SHARED INFRASTRUCTURE VULNERABILITIES
73% – BRAZIL LACK OF DATA LOCATION CONTROL55% – GLOBAL
68% – BRAZIL LACK OF DATA PRIVACY POLICY / SLA52% – GLOBAL
69% – BRAZIL CLOUD PRIVILEGED USER ABUSE/THREATS53% – GLOBAL
62% – BRAZIL MEETING COMPLIANCE REQUIREMENTS47% – GLOBAL
73% – BRAZIL CUSTODIANSHIP OF ENCRYPTION KEYS51% – GLOBAL
59% – BRAZIL LACK OF VISIBILITY INTO SECURITY PRACTICES50% – GLOBAL
CONCERNS WITH SENSITIVE DATA IN CLOUD ENVIRONMENTS
ARE HIGH, WITH NEARLY HALF OF RESPONDENTS LISTING THEM AS ENVIRONMENTS WHERE THEY ARE CONCERNED ABOUT USING SENSITIVE DATA
48% IAAS
47% PAAS
44% SAAS
THREATS - RATES OF VERY OR EXTREMELY CONCERNED
WHAT CAN CSPS AND SAAS PROVIDERS DOTO INCREASE ENTERPRISE CLOUD ADOPTION IN BRAZIL?
CONSISTENTLY THE FIRST OR SECOND CHOICE THAT WOULD INCREASE ENTERPRISE USE OF CLOUD WORLDWIDE IS ENCRYPTION WITH ENTERPRISE PREMISE KEY CONTROL
DATA ENCRYPTION IN THE CLOUD WITH ENTERPRISEPREMISE KEY CONTROL
61%BRAZIL
61%GLOBAL
SLA AGREEMENTS AND LIABILITY TERMS FOR
DATA BREACHES
51%BRAZIL
49%GLOBAL
SUPPORT FOR CLOUD HSMS
58%BRAZIL
42%GLOBAL
DATA ENCRYPTION IN THE CLOUD WITH CSP KEY
CONTROL
65%BRAZIL
51%GLOBAL
66% 64% 62% 50% 49%
U.S. MEXICO U.K. GERMANY JAPAN
BIG DATA – TOP DATA SECURITY CONCERNS AND STATS
TOP 5 CONCERNS
39% BRAZIL
58% BRAZIL
39% BRAZIL
30% BRAZIL
44% GLOBALSECURITY OF REPORTS THAT MAY INCLUDE
SENSITIVE DATA
45% GLOBALSENSITIVE DATA MAY RESIDE ANYWHERE
35% GLOBAL
PRIVACY VIOLATIONS -DATA ORIGINATES IN MANY
COUNTRIES
40% BRAZIL36% GLOBAL
PRIVILEGED USER ACCESS TO
PROTECTED DATA
22% GLOBALDISCOVERING WHERE
SENSITIVE DATA IS LOCATED
USING ENCRYPTION TO PROTECT DATA
IN BIG DATA ENVIRONMENTS TODAY
49%
VERY CONCERNED ABOUT SENSITIVE
INFORMATION IN BIG DATA WITHOUT DATA SECURITY CONTROLS
USING SENSITIVE INFORMATION IN BIG
DATA ENVIRONMENTS
BRAZIL
36% GLOBAL
51% BRAZIL
47% GLOBAL
33% BRAZIL
44% GLOBAL
ENTERPRISES IN BRAZIL HAVE HIGH IOT ADOPTIONUSE OF SENSITIVE DATA A CONCERN
TOP 5 DATA SECURITY CONCERNS FOR IOT
35% - IOT ATTACK OPERATIONS IMPACT
32% - PRIVACY VIOLATIONSFROM IOT DATA
44% - IDENTIFYING WHICHDATA IS SENSITIVE
44% - PROTECTING SENSITIVE DATA GENERATED BY IOT
29% - LOSS OF THEFT OF IOT DEVICES
95%ADOPTING IOT TECHNOLOGIES
47%USING SENSITIVE
DATA IN IOT
38%VERY CONCERNED ABOUT
SENSITIVE DATA IN IOT
TOP 5 CONTROLS NEEDED TO INCREASE IOT ADOPTION
58% - ANTI-MALWARE FOR DEVICES
53% - IOT NETWORK ISOLATION
61% SECURE ID ANDAUTHENTICATION
64% - ENCYPTION OF DATA
46% - ROLE BASED ACCESS CONTROLS
TOP SECURITY CONTROLS NEEDEDTO INCREASE CONTAINER ADOPTION AND USE IN BRAZIL
SECURITY THE TOP BARRIER TO FURTHER CONTAINER
DEPLOYMENT
48%
51%
ENCRYPTION
39%
40%
44%
49%
VULNERABILITY SCANNING
ANTI-MALWARE
ROLE BASED ACCESS CONTROLS
DIGITAL SIGNATURE IMAGE VALIDATION
42%
ENCRYPTION
22%
31%
45%
53%
VULNERABILITY SCANNING
ANTI-MALWARE
ROLE BASED ACCESS CONTROLS
DIGITAL SIGNATURE IMAGE VALIDATION
BRAZIL
GLOBAL
97%PLAN TO DEPLOY
CONTAINER TECHNOLOGY BY
END OF 2017
ALREADY IN PRODUCTION
52%
ENCRYPTION ENABLES DIGITAL TRANSFORMATIONA KEY TOOL REQUIRED FOR ADVANCED TECHNOLOGY ADOPTION
ENCRYPTION ENABLES FURTHER ADOPTION OF CLOUD
CLOUD DATA ENCRYPTION IN THE CLOUD65% 61%
ENCRYPTION OFFSETS TOP SECURITY CONCERNS
BIG DATASENSITIVE DATA EVERYWHERE
SECURITY OF REPORTSPRIVILEGED USER ACCESS
39%58%40%
IOT DATA ENCRYPTION64%SECURE DIGITAL IDENTITY
(AN ENCRYPTION TECHNOLOGY)61%
CONTAINERS
BRAZIL GLOBAL
ENCRYPTION A TOP CONTROL NEEDED TO ENABLE GREATER ADOPTION
GLOBAL45%44%36%
THE TOP TECHNOLOGY NEEDED TO EXPAND USAGE56%55%
GLOBAL
GLOBAL53%BRAZIL49%
BRAZIL
BRAZIL
BEST PRACTICE RECOMMENDATIONSGARRETT BEKKER, 451 RESEARCH
Cloud and SaaS break legacy IT Security models – Data security with encryption and access controls across environments is required.Service-based solutions and platforms that include automation are preferred for reduced costs and simplicity.
Get a better handle on the location of sensitive data, particularly for Cloud, Big Data, Containers and IoT
Global and industry regulations can be demanding, but agencies should consider moving beyond compliance to greater use of encryption and BYOK, especially for cloud and other advanced technology environments.
Encryption and access control
Don’t just check off the compliance box
Discover and classify
Re-prioritize your IT security tool set
Encryption needs to move beyond laptops and desktops.Data center: File and application level encryption and access controlsCloud: Encrypt and manage keys locally, BYOK enables safe SaaS, PaaS and IaaSBig Data: Encryption and access control within the environmentContainers: Encrypt and control access to data both within containers and underlying data storage locationsIoT: Use secure device ID and authentication, as well as encryption of data at rest on devices, back end systems and in transit to limit data threats
OUR SPONSORS
ABOUT THALES E-SECURITY
Instilling trust across the data landscapeOur powerful technology platform provides advanced data security for more servers, applications, and environments than any other security alternative
What we doThales e-Security provides companies everything they need to protect and manage their data and scale easily to new environments and requirements—encryption, advanced key management, tokenization, authorization, privileged user control, and HSMs.
Our customersOur customers include 19 of the world’s 20 largest banks, four of the world’s five largest oil companies, 27 NATO country members and 15 of the Fortune 25.
Data Protection Platform
Key Management Encryption
Our solutions protect data while eliminating complexity, inefficiency and cost
DATA PROTECTIONHARDWARE
DATA PROTECTIONSOFTWARE
CustomerRecords
DB/ File Encryption
Secure Analytics
Big Data
PII
ApplicationEncryption
PCI,PHI
TokenizationData Masking
Internet of
Things
Public KeyInfra (PKI)
Use Cases
CloudMigration
Cloud Security
Payment related apps
TransactionSecurity
ScriptDevelopmen
t
Code Signing
www.thales-esecurity.com
2017 THALES DATA THREAT REPORTTrends in Encryption and Data Security
MMEXICO AND BRAZIL EDITION
FOCUS ON BRAZIL
