Thales Data Threat Report: Security spending up, but so are breaches

It’s not happy reading if you're involved in IT security. But it will warm your heart if you’re a cybersecurity vendor.

Thales Data Threat Report: Security spending up, but so are breaches
typographyimages (CC0)

It’s interesting seeing how much money technology vendors spend on surveys that (at least most often) justify their own existence. It would be easy to be cynical about them, but beyond the self-serving aspects of it all, the data these surveys generate is interesting as a general “state of the nation” assessment.

A good case in point is Thales' new Data Threat Report (pdf). Thales is a huge vendor that employs over 60,000 people across 56 countries. With multibillion euro revenue, it makes sense for the company to increase the perception that it is a thought leader in its field. And Thales' field is a big one. It is a systems integrator, equipment supplier and service provider in the aerospace, transport, defense and security markets. A major part of the company's offering lies around cybersecurity. This report is, therefore, very much in its wheelhouse.

For those of us who aren’t potential Thales customers, we get the benefit of the report findings without the sales pitch. Win/win! The report polled over 1,000 senior IT security executives at large enterprises globally to assess vulnerability, cybersecurity spend and other issues.

What did this year’s report uncover? Basically things are bad. Sixty-eight percent of respondents have experienced a breach, with 26 percent experiencing a breach in the last year—both numbers that rose from last year. Paradoxically, overall security spending is also up; in 2017, 73 percent of organizations increased IT security spending—a marked jump from 2016 (58 percent).

While 30 percent of respondents classify their organizations as "very vulnerable" or "extremely vulnerable" to data attacks (and the number of breaches continues to rise) the two top spending priorities are network (62 percent) and endpoint (56 percent) protection solutions. Spending on data-at-rest solutions (46 percent) comes last.

In commenting on this apparent disconnect between spend and outcomes, Garrett Bekker, senior analyst of information security at 451 Research, which conducted the survey, had this to say:

“One possible explanation for this troubling state? Organizations keep spending on the same solutions that worked for them in the past but aren’t necessarily the most effective at stopping modern breaches. Data protection tactics need to evolve to match today’s threats. It stands to reason that if security strategies aren’t equally as dynamic in this fast-changing threat environment, the rate of breaches will continue to increase.”

Onto some commentary around the findings. 

Compliance the top driver for IT security spending

The reasons behind security spending decisions are varied, but the key driver remains constant: compliance. Almost half (44 percent) of respondents list meeting compliance requirements as their top spending priority, followed by best practices (38 percent) and protecting reputation/brand (36 percent). Fifty-nine percent also said compliance is "very" or "extremely" effective at preventing data breaches.

While compliance regulations provide a data security blueprint, they are by no means are the only consideration when building a security strategy robust enough to withstand today’s sophisticated attackers.

External and internal cyber actors the top threat

As in years past, the 2017 Data Threat Report explored threat perceptions. All vertical industries polled identified cyber criminals as the top threat (44 percent), followed by hacktivists (17 percent), cyberterrorists (15 percent) and nation-states (12 percent).

With respect to internal threats, 58 percent of respondents say privileged users are the most dangerous insiders (a slight decrease from last year’s 63 percent). At 44 percent, executive management is seen as the second-most risky insider, followed by ordinary employees (36 percent) and contractors (33 percent).

Securing data from future threats: Promise or peril?

In this age of the cloud and SaaS enterprise deployments, more and more enterprise data is being created, transported, processed and stored outside corporate network boundaries, making traditional perimeter-based security controls and legacy network and endpoint protection solutions increasingly less relevant.

Other new, popular technologies also bring added security challenges. For example, nearly 40 percent of respondents use Docker containers for production applications. At the same time, 47 percent cite security as the "top barrier" to broader Docker container adoption.

Peter Galvin, vice president of strategy for Thales e-security, makes the inevitable linkages between the survey findings and his own company’s products, saying:

“Enterprises today must inevitably confront an increasingly complicated threat landscape. Our world, which now includes the cloud, big data, the IoT and Docker, calls for robust IT security strategies that protect data in all its forms, at rest, in motion and in use. Businesses need to invest in privacy-by-design defense mechanisms—such as encryption—to protect valuable data and intellectual property and view security as a business enabler that facilitates digital initiatives and builds trust between partners and customers.”

Overall this report is a useful tool for those looking to assess risk and work out new year priorities for their cybersecurity challenge. Some interesting food for thought.

Copyright © 2017 IDG Communications, Inc.

The 10 most powerful companies in enterprise networking 2022