Embed Size (px)
Citation preview
www.thales-esecurity.com
2017 THALES DATA THREAT REPORTTrends in Encryption and Data Security
MEXICO AND BRAZIL EDITION
2017 THALES DATA THREAT REPORTTRENDS IN ENCRYPTION AND DATA PROTECTION
U.S.
MEXICO
U.K.GERMANY
JAPAN
AUSTRALIABRAZIL
1,100+ SENIOR IT SECURITY EXECUTIVES SURVEYED GLOBALLY | 100 MEXICO | 500 U.S. | 100 BRAZIL, GERMANY, JAPAN, AUSTRALIA, U.K.
Copyright 2017 Thales
RESPONDENTS ORGANIZATIONS (MEXICO)100% - $3.8B MEX+74% - $9.5B MEX+54% - $19B MEX+
GARRET BEKKER – PRINCIPAL ANALYST, INFORMATION SECURITY
THE BIG DISCONNECT
“OUR 2017 REPORT FINDS A SITUATION WHERE SPENDING ON IT SECURITY IS SHARPLY INCREASED IN MEXICO – YET DATA BREACHES ARE ALSO UP
SIGNIFICANTLY.”
“FUNDAMENTAL IT SECURITY STRATEGIES ARE ALSO NOT KEEPING UP WITHTHE PACE OF TECHNICAL CHANGE. 75% OF MEXICAN RESPONDENTS
INDICATED THAT NEW TECHNOLOGIES ARE DEPLOYED BEFORE DATA SECURITY IS IN PLACE”
“CLEARLY, THERE’S STILL A BIG DISCONNECT.”
OF MEXICAN RESPONDENTS FELT THEIR ORGANIZATIONS WERE VULNERABLE TO DATA THREATS90%WERE VERY OR EXTREMELY VULNERABLE –MORE THAN 3X THE 10% RATE IN 2016 31%
VULNERABILITYTO DATA THREATS
GLOBAL
VULNERABLE VERY/EXTREMELY VULNERABLE
VERY OR EXTREMELY
VULNERABLE
SOMEWHAT OR MORE
VULNERABLE
16%
84%
UNITEDSTATES
REGIONAL
UNITEDKINGDOM
20% 31%45%JAPAN MEXICOGERMANY
90%95%84%
23% 19%
77%
49%
91%
BRAZIL AUSTRALIA
29%
90% 83%
88% 30%
E X P E C T T H E I R S P E N D I N G O N D AT A
S E C U R I T Y T O I N C R E AS E
UP FROM 65% IN 2016
79%78%H AVE E X P E R I E N C E D
A D AT A B R E AC H
• HIGHEST RATE MEASURED• 34% IN THE LAST YEAR –
UP FROM 10% IN 2016• 19% WERE BREACHED
BOTH THIS YEAR AND PREVIOUSLY
TOP DRIVERS FOR IT SECURITY SPENDING
DATA BREACH PREVENTION A LOWER PRIORITY IN SPITE OF
FINES AND HIGHEST DATA BREACH RATES IN THE WORLD,
IT SECURITY SPENDING PRIORITIES (RATES OF TOP 3 SELECTION)
EVEN WITH “LEY FEDERAL DE PROTECCIÓN DE DATOS PERSONALES EN POSESIÓN DE LOS PARTICULARES” IN PLACE – PREVENTING DATA BREACHES
IS ONLY THE THIRD HIGHEST PRIORITY
47% IT SECURITY BEST PRACTICES
42% INCREASED CLOUD USE
40% DATA BREACH PENALTIES
37% REPUTATION AND BRAND PROTECTION
30% EXECUTIVE DIRECTIVE
25% COMPLIANCE REQUIREMENTS
24% PARTNER AND PROSPECT REQUIREMENTS
24% COMPETITIVE/STRATEGIC CONCERNS
18% PREVIOUS DATA BREACH
$ 23M+MXN
78%FINES UP TO
320,000 TIMES MEXICO CITY
MINIMUM WAGE(LFPDPPP)
HIGHEST RATE OF DATA BREACHES
MEASURED
INCREASING SPENDING THE MOST WHERE DEFENSES OFTEN FAIL TO PROTECT DATA
IT SECURITY DEFENSE SPENDING INCREASES
NETWORK
ANALYSIS AND CORRELATIONDATA IN MOTION
END POINT AND MOBILE
67%
61%
64%
60%
44%DATA AT REST
BELIEVE NETWORK SECURITY VERY/ EXTREMELY EFFECTIVE AT PROTECTING DATA
91%+14% FROM 2016
BELIEVE ENDPOINT PROTECTION VERY/EXTREMELY EFFECTIVE AT PROTECTING DATA
77%+15% FROM 2016
…organizations keep spending on the same solutions that worked for them in the past but aren’t necessarily the most effective at stopping modern breaches”
“
Garrett Bekker, 451 Research
… spending on securing internal networks from external threats is less and less effective – and relevant – as both the data and the people accessing it are increasingly external.”
“
DATA PRIVACY AND SOVEREIGNTY IMPACTING ENTERPRISES WORLDWIDE
79% - MEXICO72% - GLOBAL
Impacted by Data Privacy and Data Sovereignty
ADDRESSING REQUIREMENTS BY:
“Data privacy has become a hot topic in light of concerns about government snooping, and not surprisingly a host of new privacy laws and regulations are in the process of being revised or enacted around the world, such as GDPR in Europe and LFPDPPP in Mexico.”
Garrett BekkerPrincipal Analyst
451 Research
MEXICO
GLOBAL
TOKENIZING DATA
LOCAL HOSTING & CLOUD
60%74%
31%51%
ENCRYPTING DATA
MIGRATING DATA
TOKENIZING DATA
LOCAL HOSTING & CLOUD
40%64%
26%36%
ENCRYPTING DATA
MIGRATING DATA
COMPLEXITY AND SKILL SHORTAGESTOP BARRIERS TO DATA SECURITY DEPLOYMENT
LACK OF STAFF TO MANAGE
LACK OF ORGANIZATIONAL BUY IN
46%
48%
39%
31%
40%
COMPLEXITY
POTENTIAL PERFORMANCE IMPACTS
LACK OF PERCEIVED NEED
PERCEIVED BARRIERS TO ADOPTING DATA SECURITY
“…The lack of skilled security staff has been a consistent theme in 451’s research efforts the past few years, and in conjunction with complexity, makes a strong case for data security functionality delivered as a service”
Garrett Bekker451 Research
PERCEPTION OF COMPLEXITY
UNIVERSALLY THE TOP BARRIER
PERCEIVE COMPLEXITY AS THE TOP BARRIER TO ADOPTION DATA SECURITY SOLUTIONS
48%-2% FROM 2016GLOBAL – 50%
30% LACK OF BUDGET
75%OF ORGANIZATIONS SURVEYED ARE DEPLOYING NEW TECHNOLOGIES IN
ADVANCE OF HAVING APPROPRIATE LEVELS OF DATA SECURITY IN PLACE
99%WILL USE SENSITIVE DATA IN AT
LEAST ONE OF THESE ADVANCED TECHNOLOGY ENVIRONMENTS
39%
15%
42%
63%
22%
45%
60%
61%
BLOCKCHAIN
CONTAINERS
BIG DATA
IOT
PAAS
MOBILE
IAAS
SAASRATES OF SENSITIVE DATA USE BY ENVIRONMENT TYPE
ENTERPRISE CONCERNS WITH CLOUD/SAAS ENVIRONMENTS
78% – MEXICO SECURITY BREACHES/ ATTACKS AT CSP59% – GLOBAL
75% – MEXICO57% – GLOBAL
SHARED INFRASTRUCTURE VULNERABILITIES
64% – MEXICO LACK OF DATA LOCATION CONTROL55% – GLOBAL
69% – MEXICO LACK OF DATA PRIVACY POLICY / SLA52% – GLOBAL
81% – MEXICO CLOUD PRIVILEGED USER ABUSE/THREATS53% – GLOBAL
66% – MEXICO MEETING COMPLIANCE REQUIREMENTS47% – GLOBAL
76% – MEXICO CUSTODIANSHIP OF ENCRYPTION KEYS51% – GLOBAL
63% – JAPAN LACK OF VISIBILITY INTO SECURITY PRACTICES50% – GLOBAL
CONCERNS WITH SENSITIVE DATA IN CLOUD ENVIRONMENTS
ARE ALSO HIGH, WITH OVER HALF OF RESPONDENTS LISTING THEM AS ENVIRONMENTS WHERE THEY ARE CONCERNED ABOUT USING SENSITIVE DATA
57% PAAS
56% SAAS
56% IAAS
THREATS - RATES OF VERY OR EXTREMELY CONCERNED
WHAT CAN CSPS AND SAAS PROVIDERS DOTO INCREASE ENTERPRISE CLOUD ADOPTION IN MEXICO?
SUPPORT FOR CLOUD HSMSDATA ENCRYPTION IN THE CLOUD WITH ENTERPRISEPREMISE KEY CONTROL
CONSISTENTLY THE FIRST OR SECOND CHOICE THAT WOULD INCREASE ENTERPRISE USE OF CLOUD WORLDWIDE IS ENCRYPTION WITH ENTERPRISE PREMISE KEY CONTROL
64%MEXICO
61%GLOBAL
DATA ENCRYPTION IN THE CLOUD WITH CSP KEY
CONTROL
SLA AGREEMENTS AND LIABILITY TERMS FOR
DATA BREACHES
56%MEXICO
49%GLOBAL
48%MEXICO
42%GLOBAL
50%MEXICO
51%GLOBAL
66% 61% 62% 50% 49%
U.S. BRAZIL U.K. GERMANY JAPAN
BIG DATA – TOP DATA SECURITY CONCERNS AND STATS
TOP 5 CONCERNS
36% MEXICO
47% MEXICO
42% MEXICO
46% MEXICO
34% MEXICO
44% GLOBALSECURITY OF REPORTS THAT MAY INCLUDE
SENSITIVE DATA
45% GLOBALSENSITIVE DATA MAY RESIDE ANYWHERE
35% GLOBAL
PRIVACY VIOLATIONS - DATA ORIGINATES IN MANY
COUNTRIES
36% GLOBAL
PRIVILEGED USER ACCESS TO
PROTECTED DATA
31% GLOBALLACK OF EFFECTIVE ACCESS
CONTROLS
USING ENCRYPTION TO PROTECT DATA
IN BIG DATA ENVIRONMENTS TODAY
40%
VERY CONCERNED ABOUT SENSITIVE
INFORMATION IN BIG DATA WITHOUT DATA SECURITY CONTROLS
USING SENSITIVE INFORMATION IN BIG
DATA ENVIRONMENTS
MEXICO
36% GLOBAL
39% MEXICO
47% GLOBAL
49% MEXICO
44% GLOBAL
ENTERPRISES IN MEXICO HAVE HIGH IOT ADOPTIONUSE OF SENSITIVE DATA A CONCERN
TOP 5 DATA SECURITY CONCERNS FOR IOT
28% - IOT ATTACK OPSIMPACT
32% - PRIVACY VIOLATIONSFROM IOT DATA
30% - IDENTIFYING WHICHDATA IS SENSITIVE
46% - PROTECTING SENSITIVE DATA GENERATED BY IOT
37% - PRIVILEGED USER ACCESSTO IOT DEVICES
95%ADOPTING IOT TECHNOLOGIES
27%USING SENSITIVE
DATA IN IOT
32%VERY CONCERNED ABOUT
SENSITIVE DATA IN IOT
TOP 5 CONTROLS NEEDED TO INCREASE IOT ADOPTION
51% - ANTI-MALWARE FOR DEVICES
58% - IOT NETWORK ISOLATION
67% SECURE ID ANDAUTHENTICATION
57% - ENCYPTION OF DATA
52% - ANOMALY DETECTION/BEHAVIORAL ANALYSIS
TOP SECURITY CONTROLS NEEDEDTO INCREASE CONTAINER ADOPTION AND USE IN MEXICO
SECURITY THE TOP BARRIER TO CONTAINER DEPLOYMENT
47%
46%
ENCRYPTION
38%
37%
37%
55%
VULNERABILITY SCANNING
ANTI-MALWARE
MONITORING TOOLS FOR CONTAINERS
DIGITAL SIGNATURE IMAGE VALIDATION
42%
ENCRYPTION
36%
31%
45%
53%
VULNERABILITY SCANNING
ANTI-MALWARE
MONITORING TOOLS FOR CONTAINERS
DIGITAL SIGNATURE IMAGE VALIDATION
MEXICO
GLOBAL
97%PLAN TO DEPLOY
CONTAINER TECHNOLOGY BY
END OF 2017
ENCRYPTION ENABLES DIGITAL TRANSFORMATIONA KEY TOOL REQUIRED FOR ADVANCED TECHNOLOGY ADOPTION
ENCRYPTION ENABLES FURTHER ADOPTION OF CLOUD
CLOUD DATA ENCRYPTION IN THE CLOUD WITH ENTERPRISE PREMISE KEY CONTROL
64% 61%
ENCRYPTION OFFSETS TOP SECURITY CONCERNS
BIG DATASENSITIVE DATA EVERYWHERE
SECURITY OF REPORTSPRIVILEGED USER ACCESS
36%47%46%
IOT DATA ENCRYPTION57%SECURE DIGITAL IDENTITY
(AN ENCRYPTION TECHNOLOGY)67%
CONTAINERS
MEXICO GLOBAL
ENCRYPTION A TOP CONTROL NEEDED TO ENABLE GREATER ADOPTION
GLOBAL45%44%36%
THE TOP TECHNOLOGY NEEDED TO EXPAND USAGE56%55%
GLOBAL
GLOBAL53%MEXICO55%
MEXICO
MEXICO
BEST PRACTICE RECOMMENDATIONSGARRETT BEKKER, 451 RESEARCH
Cloud and SaaS break legacy IT Security models – Data security with encryption and access controls across environments is required.Service-based solutions and platforms that include automation are preferred for reduced costs and simplicity.
Get a better handle on the location of sensitive data, particularly for Cloud, Big Data, Containers and IoT
Global and industry regulations can be demanding, but agencies should consider moving beyond compliance to greater use of encryption and BYOK, especially for cloud and other advanced technology environments.
Encryption and access control
Don’t just check off the compliance box
Discover and classify
Re-prioritize your IT security tool set
Encryption needs to move beyond laptops and desktops.Data center: File and application level encryption and access controlsCloud: Encrypt and manage keys locally, BYOK enables safe SaaS, PaaS and IaaSBig Data: Encryption and access control within the environmentContainers: Encrypt and control access to data both within containers and underlying data storage locationsIoT: Use secure device ID and authentication, as well as encryption of data at rest on devices, back end systems and in transit to limit data threats
OUR SPONSORS
ABOUT THALES E-SECURITY
Instilling trust across the data landscapeOur powerful technology platform provides advanced data security for more servers, applications, and environments than any other security alternative
What we doThales e-Security provides companies everything they need to protect and manage their data and scale easily to new environments and requirements—encryption, advanced key management, tokenization, authorization, privileged user control, and HSMs.
Our customersOur customers include 19 of the world’s 20 largest banks, four of the world’s five largest oil companies, 27 NATO country members and 15 of the Fortune 25.
Data Protection Platform
Key Management Encryption
Our solutions protect data while eliminating complexity, inefficiency and cost
DATA PROTECTIONHARDWARE
DATA PROTECTIONSOFTWARE
CustomerRecords
DB/ File Encryption
Secure Analytics
Big Data
PII
ApplicationEncryption
PCI,PHI
TokenizationData Masking
Internet of
Things
Public KeyInfra (PKI)
Use Cases
CloudMigration
Cloud Security
Payment related apps
TransactionSecurity
ScriptDevelopmen
t
Code Signing
www.thales-esecurity.com
2017 THALES DATA THREAT REPORTTrends in Encryption and Data Security
MEXICO AND BRAZIL EDITION
