Lack of encryption in cloud causing security challenges, says Thales study

The results of the 2020 Thales Data Threat Report- Global Edition show a prominent trend of security struggles in the cloud as companies come to grips with digital transformation.

50% of company data is stored in the cloud, while 48% can be considered sensitive.

In addition to all respondents stating that some sensitive cloud data isn’t encrypted, 49% declared a data breach within the last year, while 45% of organisations transforming specifically within the software-as-a-service (SaaS) and social media were attacked.

According to the IDC, the value of cloud IT infrastructure reached $65.4 billion in 2019.

“As organisations face expanding and more complex cyber security challenges because of multi-cloud adoption and digital transformation, they need smarter and better ways to approach data protection,” said Frank Dickson, program vice president, cybersecurity products at IDC. “Zero trust is a fantastic initiative to authenticate and validate the users and devices accessing applications and networks, but does little to protect sensitive data should those measures fail.

“Employing robust data discovery, hardening, data loss prevention, and encryption solutions provide an appropriate foundation for data security, completing the objective of pervasive cyber protection.”

How to leverage multi-cloud strategies, from deployment to security

Perry Krug, architect, office of the CTO at Couchbase, discusses how to successfully adopt and leverage multi-cloud strategies. Read here

The issue of security is also being complicated by companies using multiple Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS) environments; each have a proportion of 81% doing so, while 11% are managing more than 100 SaaS applications.

In regards to the rates that various sectors digitally transform, governmental bodies led the pack, with 49% declaring either aggressive disruption of markets they deal in, or embedding digital capabilities for greater agility. This was followed by healthcare (47%), retail (45%), and financial services (30%).

The latter sector, however, had the highest proportion of companies that either experienced a data breach or failed a compliance audit within the past year (54%), followed by government (52%), retail (49%) and retail (37%).

Another security concern that respondents cited was the rise of quantum computing; 72% expressed belief that quantum computing power will impact data security operations, while 27% see quantum threatening their data within the next year.

“The Thales 2020 Data Threat Report-Global Edition clearly demonstrates that unprecedented amounts of sensitive data are being stored in multi-cloud environments by organisations all over the world,” said Tina Stewart, vice-president, global market strategy for cloud protection and licensing activity at Thales. “Having the right cloud security in place has never been more critical. As 5G networks are rolled out, IoT continues to expand and quantum computing creeps closer to becoming a reality, organisations must adopt a more modern data protection mindset.

Cyber security for IoT and edge computing

The internet of things has its own unique cybersecurity considerations, as for cyber security and Edge computing, there are a lot of unknowns. Read here

“The first step towards protecting sensitive data is knowing where to find it. Once classified, this data should be encrypted and protected with a strong multi-cloud key management strategy.”

The IDC also weighed in on data security best practices, recommending the following:

  • Invest in modern data security tools for hybrid and multi-cloud environments;
  • Consider a zero-trust approach;
  • Increase focus on data discovery solutions and key management centralisation;
  • Pay attention to threat vectors within company control;
  • Stay vigilant by encrypting data.