2017 THALES DATA THREAT REPORT Trends in Encryption and Data Security EUROPEAN EDITION FOCUS ON GERMANY


www.thales-esecurity.com



2017 THALES DATA THREAT REPORT
TRENDS IN ENCRYPTION AND DATA PROTECTION

Countries surveyed: U.S., MEXICO, U.K., GERMANY, JAPAN, AUSTRALIA, BRAZIL

1,100+ SENIOR IT SECURITY EXECUTIVES SURVEYED GLOBALLY | 100 GERMANY | 500 U.S. | 100 U.K., BRAZIL, MEXICO, JAPAN, AUSTRALIA

Copyright 2017 Thales

RESPONDENTS ORGANIZATIONS (GERMANY)
  • 100% - € 90M+
  • 51% - € 900M+
  • 16% - € 1800M+


THE EYE OF THE STORM

ENTERPRISES AROUND THE WORLD ARE AT THE NEXUS OF AN INCREASING NEED FOR DATA TO POWER GROWTH, REGULATORY REQUIREMENTS, AND ATTACKS AIMED AT THIS OFTEN SENSITIVE INFORMATION – AND GERMANY IS AT THE CENTER OF ALL OF THESE TRENDS.

ENTERPRISES IN GERMANY SHOWED SUCCESS IN REDUCING DATA BREACH LEVELS THIS YEAR, BUT WITH LOOMING GDPR PENALTIES, HIGH LEVELS OF VULNERABILITY TO DATA THREATS AND INTENSE PRESSURE TO DRIVE GROWTH WITH CLOUD, BIG DATA AND OTHER ADVANCED TECHNOLOGIES THERE IS CLEARLY MORE TO DO.


95% OF GERMAN RESPONDENTS FELT THEIR ORGANIZATIONS WERE VULNERABLE TO DATA THREATS – THE HIGHEST RATE MEASURED WORLDWIDE

45% WERE VERY OR EXTREMELY VULNERABLE


VULNERABILITY TO DATA THREATS

[Chart: rates of "somewhat or more vulnerable" and "very or extremely vulnerable", global and regional (United States, United Kingdom, Germany, Japan, Mexico, Brazil, Australia)]


80% EXPECT THEIR SPENDING ON DATA SECURITY TO INCREASE

• UP FROM 52% IN 2016 and 44% in 2015

• GLOBAL AVERAGE 73%

50% HAVE EXPERIENCED A DATA BREACH

• 25% IN THE LAST YEAR (DOWN FROM 37% IN 2016)

• 9% MORE THAN ONCE (GLOBAL AVERAGE 12%)


THE GOOD NEWS ABOUT DATA SECURITY IN GERMANY

SAFE OPERATION

• 30% – GERMANY
• 33% – GLOBAL*

30% never had a data breach or compliance failure for data security violations

INCREASING SPENDING TO PROTECT DATA

[Chart: rates of increasing spending to protect data, Germany and Global, 2015 to 2017]


COMPLIANCE AND BEST PRACTICES – CRITICAL FOR GDPR
TOP IT SECURITY SPENDING PRIORITIES

“Compliance requirements – as tough as they are now – will become even stricter with the full implementation of GDPR in 2018”

Garrett Bekker, Principal Analyst, Information Security, 451 Research

IMPACT ON IT SECURITY SPENDING PRIORITIES (RATES OF TOP 3 SELECTION)

• COMPLIANCE REQUIREMENTS: 38% - 2017, 47% - 2016
• REPUTATION AND BRAND PROTECTION: 19% - 2017, 33% - 2016
• DATA BREACH PENALTIES: 24% - 2017, 36% - 2016
• IT SECURITY BEST PRACTICES: 43% - 2017, 39% - 2016
• EXECUTIVE DIRECTIVE: 28% - 2017, 44% - 2016
• PARTNER AND PROSPECT REQUIREMENTS: 33% - 2017, 47% - 2016
• DATA BREACHES AT PARTNERS OR COMPETITORS: 19% - 2017, 26% - 2016
• PREVIOUS DATA BREACH: 22% - 2017, 35% - 2016
• COMPETITIVE/STRATEGIC CONCERNS: 21% - 2017, 28% - 2016
• INCREASED CLOUD USE: 36% - 2017, Not measured in 2016

BEST PRACTICES A TOP REQUIREMENT TO COMPLY WITH GDPR (14 MENTIONS) – COMPLIANCE AND BEST PRACTICES TOP IT SECURITY SPENDING PRIORITIES AS A RESULT


THE MOST DANGEROUS INSIDERS

“.. external attackers frequently masquerade as insiders by using stolen or compromised credentials to access all types of valuable data, including PII, PHI, financial data and intellectual property”

Garrett Bekker, Principal Analyst, Information Security, 451 Research

[Chart: Germany and Global rates for each insider category: privileged users, executive management, ordinary employees, contractors]


TOP EXTERNAL THREAT ACTOR SELECTIONS

[Chart: Germany and Global selection rates for cyber criminals, hacktivists, nation-states, cyber-terrorists, competitors]


66% OF IT SECURITY PROS IN GERMAN ENTERPRISES SURVEYED ARE CONCERNED THAT THEY ARE DEPLOYING NEW TECHNOLOGIES IN ADVANCE OF HAVING APPROPRIATE LEVELS OF DATA SECURITY IN PLACE

96% WILL USE SENSITIVE DATA IN AT LEAST ONE OF THESE ADVANCED TECHNOLOGY ENVIRONMENTS

RATES OF SENSITIVE DATA USE BY ENVIRONMENT TYPE

[Chart: rates for blockchain, containers, big data, IoT, PaaS, mobile, IaaS, SaaS]


OLD HABITS DIE HARD – INVESTING HEAVILY IN NETWORK AND END POINT SECURITY AS IT BECOMES LESS RELEVANT

79% BELIEVE NETWORK SECURITY VERY/EXTREMELY EFFECTIVE AT PROTECTING DATA (-2% FROM 2016)

“… spending on securing internal networks from external threats is less and less effective – and relevant – as both the data and the people accessing it are increasingly external.”

IT SECURITY DEFENSE SPENDING INCREASES

[Chart: rates by category: network, analysis and correlation, data in motion, end point and mobile, data at rest]

RATES OF EFFECTIVENESS FOR PROTECTING DATA

[Chart: rates by category: network, analysis and correlation, data in motion, end point and mobile, data at rest]


WITH NATIONAL REGULATIONS LIKE GDPR COMING WORLDWIDE
DATA PRIVACY AND SOVEREIGNTY ARE MAKING WAVES EVERYWHERE

Impacted by Data Privacy and Data Sovereignty

• 81% - GERMANY
• 72% - GLOBAL

ADDRESSING REQUIREMENTS BY:

[Chart: Germany and Global rates for encrypting data, tokenizing data, migrating data, local hosting & cloud]

DATA PRIVACY/SOVEREIGNTY BEYOND GDPR

• JAPAN: AIPP DATA PROTECTION AND PRIVACY RULES GO LIVE SEPTEMBER 2017
• U.S.A.: 47 STATE LAWS PLUS FEDERAL REGULATIONS
• MEXICO: LFPDPPP PRIVACY LAW WITH FINES UP TO £ 1.5M
• BRAZIL: NEW PRIVACY LEGISLATION PENDING FOR APPROVAL


COMPLEXITY AND STAFFING
TOP BARRIERS TO DATA SECURITY DEPLOYMENT

PERCEIVED BARRIERS TO ADOPTING DATA SECURITY

• 58% COMPLEXITY
• 39% LACK OF STAFF TO MANAGE
• 32% LACK OF ORGANIZATIONAL BUY IN
• 32% POTENTIAL PERFORMANCE IMPACTS
• 29% LACK OF BUDGET
• 16% LACK OF PERCEIVED NEED

“…The lack of skilled security staff has been a consistent theme in 451’s research efforts the past few years, and in conjunction with complexity, makes a strong case for data security functionality delivered as a service”

Garrett Bekker, 451 Research

PERCEPTION OF COMPLEXITY UNIVERSALLY THE TOP BARRIER

58% PERCEIVE COMPLEXITY AS THE TOP BARRIER TO ADOPTING DATA SECURITY SOLUTIONS (GLOBAL – 50%)


ENTERPRISE CONCERNS WITH CLOUD/SAAS ENVIRONMENTS

THREATS - RATES OF VERY OR EXTREMELY CONCERNED

• SECURITY BREACHES/ATTACKS AT CSP: 51% – GERMANY, 59% – GLOBAL
• SHARED INFRASTRUCTURE VULNERABILITIES: 56% – GERMANY, 57% – GLOBAL
• LACK OF DATA LOCATION CONTROL: 51% – GERMANY, 55% – GLOBAL
• LACK OF DATA PRIVACY POLICY / SLA: 37% – GERMANY, 52% – GLOBAL
• CLOUD PRIVILEGED USER ABUSE/THREATS: 46% – GERMANY, 53% – GLOBAL
• MEETING COMPLIANCE REQUIREMENTS: 37% – GERMANY, 47% – GLOBAL
• CUSTODIANSHIP OF ENCRYPTION KEYS: 39% – GERMANY, 51% – GLOBAL
• LACK OF VISIBILITY INTO SECURITY PRACTICES: 46% – GERMANY, 50% – GLOBAL

CONCERNS WITH SENSITIVE DATA IN CLOUD ENVIRONMENTS ARE HIGH, WITH NEARLY HALF OF RESPONDENTS LISTING THEM AS ENVIRONMENTS WHERE THEY ARE CONCERNED ABOUT USING SENSITIVE DATA

• 48% IAAS
• 42% PAAS
• 42% SAAS


WHAT CAN CSPS AND SAAS PROVIDERS DO TO INCREASE ENTERPRISE CLOUD ADOPTION IN GERMANY?

• DATA ENCRYPTION IN THE CLOUD WITH CSP PREMISES KEY CONTROL: 57% GERMANY, 51% GLOBAL
• EXPOSURE OF DETAILED MONITORING INFORMATION FOR OUR IMPLEMENTATION: 45% GERMANY, 41% GLOBAL
• DETAILED PHYSICAL AND IT SECURITY IMPLEMENTATION INFORMATION: 47% GERMANY, 47% GLOBAL
• DATA ENCRYPTION IN THE CLOUD WITH ENTERPRISE KEY CONTROL: 50% GERMANY, 61% GLOBAL

CONSISTENTLY THE FIRST OR SECOND CHOICE THAT WOULD INCREASE ENTERPRISE USE OF CLOUD WORLDWIDE IS ENCRYPTION WITH ENTERPRISE PREMISE KEY CONTROL

• 66% U.S.
• 64% MEXICO
• 62% U.K.
• 61% BRAZIL
• 49% JAPAN


BIG DATA – TOP DATA SECURITY CONCERNS AND STATS

TOP 5 CONCERNS

• SECURITY OF REPORTS THAT MAY INCLUDE SENSITIVE DATA: 42% GERMANY, 44% GLOBAL
• SENSITIVE DATA MAY RESIDE ANYWHERE: 48% GERMANY, 45% GLOBAL
• LACK OF EFFECTIVE ACCESS CONTROLS: 41% GERMANY, 31% GLOBAL
• PRIVILEGED USER ACCESS TO PROTECTED DATA: 38% GERMANY, 36% GLOBAL
• PRIVACY VIOLATIONS, DATA ORIGINATING IN MULTIPLE COUNTRIES: 25% GERMANY, 35% GLOBAL

[Chart: Germany and Global rates for three measures: using encryption to protect data in big data environments today; very concerned about sensitive information in big data without data security controls; using sensitive information in big data environments]


ENTERPRISES IN GERMANY HAVE HIGH IOT ADOPTION
USE OF SENSITIVE DATA A CONCERN

• 84% ADOPTING IOT TECHNOLOGIES
• 14% USING SENSITIVE DATA IN IOT
• 34% VERY CONCERNED ABOUT SENSITIVE DATA IN IOT

TOP 5 DATA SECURITY CONCERNS FOR IOT

• 32% - PROTECTING SENSITIVE DATA GENERATED BY IOT
• 25% - PRIVILEGED USER ACCESS TO IOT DEVICES
• 25% - LACK OF IOT SECURITY FRAMEWORKS
• 25% - IDENTIFYING SENSITIVE IOT DATA
• 25% - LOSS OR THEFT OF IOT DEVICES

TOP 5 CONTROLS NEEDED TO INCREASE IOT ADOPTION

• 58% - ENCRYPTION OF DATA
• 47% - ANTI-MALWARE FOR DEVICES
• 47% - SECURE ID AND AUTHENTICATION
• 43% - BEHAVIORAL ANALYTICS / ANOMALY DETECTION
• 36% - IOT MANAGEMENT AND APPLICATION ISOLATION


TOP SECURITY CONTROLS NEEDED TO INCREASE CONTAINER ADOPTION AND USE IN GERMANY

SECURITY THE TOP BARRIER TO FURTHER CONTAINER DEPLOYMENT

• 78% PLAN TO DEPLOY CONTAINER TECHNOLOGY BY END OF 2017
• 35% ALREADY IN PRODUCTION

[Chart: Germany and Global rates for the top security controls needed: encryption, vulnerability scanning, anti-malware, monitoring, digital signature image validation]


ENCRYPTION ENABLES DIGITAL TRANSFORMATION
A KEY TOOL REQUIRED FOR ADVANCED TECHNOLOGY ADOPTION

CLOUD – ENCRYPTION ENABLES FURTHER ADOPTION OF CLOUD

• DATA ENCRYPTION IN THE CLOUD: 57%, 61%

BIG DATA – ENCRYPTION OFFSETS TOP SECURITY CONCERNS

• LACK OF ACCESS CONTROLS: 41% GERMANY, 31% GLOBAL
• SECURITY OF REPORTS: 42% GERMANY, 44% GLOBAL
• SENSITIVE DATA EVERYWHERE: 48% GERMANY, 45% GLOBAL

IOT – ENCRYPTION THE TOP CONTROL NEEDED TO ENABLE GREATER ADOPTION

• DATA ENCRYPTION: 58% GERMANY
• SECURE DIGITAL IDENTITY (AN ENCRYPTION TECHNOLOGY): 47% GERMANY
• GLOBAL: 56%, 55%

CONTAINERS – THE TOP TECHNOLOGY NEEDED TO EXPAND USAGE

• 54% GERMANY, 53% GLOBAL


BEST PRACTICE RECOMMENDATIONS
GARRETT BEKKER, 451 RESEARCH

Re-prioritize your IT security tool set

Cloud and SaaS break legacy IT Security models – Data security with encryption and access controls across environments is required. Service-based solutions and platforms that include automation are preferred for reduced costs and simplicity.

Discover and classify

Get a better handle on the location of sensitive data, particularly for Cloud, Big Data, Containers and IoT

Don’t just check off the compliance box

Global and industry regulations can be demanding, but agencies should consider moving beyond compliance to greater use of encryption and BYOK, especially for cloud and other advanced technology environments.

Encryption and access control

Encryption needs to move beyond laptops and desktops.

• Data center: File and application level encryption and access controls
• Cloud: Encrypt and manage keys locally, BYOK enables safe SaaS, PaaS and IaaS
• Big Data: Encryption and access control within the environment
• Containers: Encrypt and control access to data both within containers and underlying data storage locations
• IoT: Use secure device ID and authentication, as well as encryption of data at rest on devices, back end systems and in transit to limit data threats


ABOUT THALES E-SECURITY

Instilling trust across the data landscape

Our powerful technology platform provides advanced data security for more servers, applications, and environments than any other security alternative

What we do

Thales e-Security provides companies everything they need to protect and manage their data and scale easily to new environments and requirements—encryption, advanced key management, tokenization, authorization, privileged user control, and HSMs.

Our customers

Our customers include 19 of the world’s 20 largest banks, four of the world’s five largest oil companies, 27 NATO country members and 15 of the Fortune 25.


Our solutions protect data while eliminating complexity, inefficiency and cost

[Diagram: Data Protection Platform (Key Management, Encryption), comprising DATA PROTECTION HARDWARE and DATA PROTECTION SOFTWARE. Use Cases shown: Customer Records, DB/File Encryption, Secure Analytics, Big Data, PII, Application Encryption, PCI, PHI, Tokenization, Data Masking, Internet of Things, Public Key Infra (PKI), Cloud Migration, Cloud Security, Payment related apps, Transaction Security, Script Development, Code Signing]
