Story image

Most organisations unconfident in ability to protect data after breach

14 Jun 2016

The majority of IT professionals say they are not confident in their ability to keep their organization’s data secure following a breach, a Gemalto study has found.

At a time when one-third of organisations have experienced a data breach in the last 12 months, and more than 3.9 billion data records have been lost or stolen since 2013, the report’s findings will be a cause for some concern.

In a survey of 1,100 IT decision makers around the world, 61% said their perimeter security systems – including firewall, AV and content filtering – were “very effective” at keeping unauthorised users out of their network. However, 69% said they are not confident their organization’s data would be secure if their perimeter security was breached.

Worryingly, as many as 66% of IT professionals say that unauthorised users can access their networks, and 16% believe unauthorised users have access to their entire networks.

“This research shows that there is indeed a big divide between perception and reality when it comes to the effectiveness of perimeter security,” said Jason Hart, vice president and chief technology officer for data protection at Gemalto.

“The days of breach prevention are over, yet many IT organisations continue to rely on perimeter security as the foundation of their security strategies. The new reality is that IT professionals need to shift their mindset from breach prevention to breach acceptance and focus more on securing the breach by protecting the data itself and the users accessing the data.”

The heavy reliance on perimeter security systems also neglects the possibility of data leaks occurring from inside an organisation.

One recent survey suggested that the greatest threat posed to a business’ cybersecurity program are employees. This 2015 paper, by Nuix, reported that the overwhelming majority of respondents (93%) consider “human behavior” to be the number one threat to their security.

“While protecting the perimeter is important, organisations need to come to the realisation that they need a layered approach to security in the event the perimeter is breached,” concluded Mr. Hart for Gemalto.

“By employing tools such as end-to-end encryption and two-factor authentication across the network and the cloud, they can protect the whole organisation and, most importantly, the data.”

Article by Narinder Purba, senior editor, welivesecurity.

New threat rears its head in new malware report
Check Point’s researchers view Speakup as a significant threat, as it can be used to download and spread any malware.
Oracle updates enterprise blockchain platform
Oracle’s enterprise blockchain has been updated to include more capabilities to enhance development, integration, and deployment of customers’ new blockchain applications.
Used device market held back by lack of data security regulations
Mobile device users are sceptical about trading in their old device because they are concerned that data on those devices may be accessed or compromised after they hand it over.
Gartner names ExtraHop leader in network performance monitoring
ExtraHop provides enterprise cyber analytics that deliver security and performance from the inside out.
Symantec acquires zero trust innovator Luminate Security
Luminate’s Secure Access Cloud is supposedly natively constructed for a cloud-oriented, perimeter-less world.
Palo Alto releases new, feature-rich firewall
Palo Alto is calling it the ‘fastest-ever next-generation firewall’ with integrated cloud-based DNS Security service to stop attacks.
The right to be forgotten online could soon be forgotten
Despite bolstering free speech and access to information, the internet can be a double-edged sword, because that access to information goes both ways.
Opinion: 4 Ransomware trends to watch in 2019
Recorded Future's Allan Liska looks at the past big ransomware attacks thus far to predict what's coming this year.