As more companies adopt multi-cloud strategies and hybrid work remains the norm, IT leaders continue to be challenged by the sprawl of data across their organisations and find it more difficult to locate all their data.
The 2022 Thales Data Threat Report, conducted by 451 Research found that 56% of IT leaders were very confident or had complete knowledge of where their data was being stored, down from 64% the previous year, and only 25% stated they were able to classify all their data.
Threats & compliance challenges
Throughout 2021, security incidents remained high, with 29% of businesses experiencing a breach in the past 12 months, while 43% of IT Leaders admitted to having failed a compliance audit.
Globally, IT leaders ranked malware (56%), ransomware (53%) and phishing (40%) as the leading source of security attacks. Managing these risks is an ongoing challenge, with 45% of IT leaders reporting an increase in the volume, severity and/or scope of cyberattacks in the past 12 months.
Increasing complexity & risk
Cloud adoption is increasing with 34% of respondents saying they used more than 50 Software as a Service (SaaS) apps and 16% used more than 100 apps.
However, 51% of IT leaders agreed that it is more complex to manage privacy and data protection regulations in a cloud environment than in on-premises networks within their organisation, up from 46% last year.
The report also revealed significant momentum amongst businesses to store data in the cloud, with 32% of respondents stating that around half of their workloads and data resides in external clouds, and 23% reporting more than 60%. However, 44% reported that they had experienced a breach or failed an audit in their cloud environments.
Additionally, the use of encryption to protect sensitive data is low, with 50% of respondents disclosing that more than 40% of their sensitive data has been encrypted, and 22% stating more than 60%. Representing a significant ongoing risk for businesses.
Remote Work Worries
Another full year of remote working demonstrated that navigating security risks is proving a significant challenge for businesses. Worryingly, 79% of businesses are still concerned about the security risks and threats posed by remote working. About 55% of IT leaders reported having implemented multi-factor authentication (MFA), a figure unchanged from the previous year.
Threats on the horizon
However, the report also showed that IT leaders have significant diversity of spending technology priorities – suggesting they are serious about tackling complex threat environments.
About 26% stated that broad cloud security toolsets are the greatest future spending priority. Another 25% of IT leaders stated they were prioritising key management, with Zero Trust an important strategy for 23%.
IT leaders are also increasingly aware of the future challenges on the horizon. Looking ahead, when asked to identify security threats from quantum computing, 52% said they were concerned with ‘tomorrow’s decryption of today’s data’, a concern that will likely be intensified by the increasing complexity of cloud environments.
Sebastien Cano, senior vice president for cloud protection and licensing activities at Thales, commented that as the pandemic continues to affect both our business and personal lives, any expectation of a ‘return’ to pre-pandemic conditions has faded.
He added that while teams around the world have continued to face challenges in securing their data, the research indicates that urgent action is needed by businesses to develop more robust cybersecurity strategies.
“The attack surface, as well as the asset management challenges, are only set to increase in the coming year, and it is vital that businesses deploy a robust security strategy based on discovery, protection and control,” he concluded.