sb-nz logo
Story image

Thales: A/NZ cybersecurity approach more talk than action

22 Sep 2020

Australia and Aotearoa New Zealand are approaching a digital inflection point where more corporate and sensitive data will be stored in the cloud than out of it, according to the 2020 Thales Asia-Pacific Data Threat Report. 

Currently around half (52%) of sensitive data stored in the cloud is encrypted, yet research indicates the pace of technology adoption over the next 12 months, including 21% growth in IoT and 61% increase in mobile payments, will see the volume of data grow quickly. 

Combined with an unexpected influx of work from home migrants, data security practices are going to be pushed to new extremes. 

Vulnerability

With the majority of organisations applying digital transformation to their businesses, complexity at the infrastructure level is on the rise.

Challenges in data security are emanating from a lack of organisational resources to keep transformation initiatives secure. 

The research found, just half (53%) of organisations in A/NZ believe their new technologies and initiatives are being deployed with the appropriate data security in place.

Complexity

Hybrid and multi-cloud infrastructures have become the norm, with Gartner estimating 90% of organisations will be using a combination of cloud models for their IT needs by 2021.

Thales agrees, finding 79% of organisations in A/NZ are using more than one IaaS vendor and 78% have more than one PaaS vendor to manage. 

The result being increased complexity, stretching IT management attention in many directions, and often resulting in multiple non-integrated encryption key management systems.

Sensitivity

Organisations in A/NZ estimate 43% of their data in the cloud is sensitive. 

Despite this significant sensitive data exposure, encryption of it is tokenistic with the practice low. 

With sensitive data defined as regulated data, Thales is surprised to see only half (52%) of respondents encrypting it all in the cloud.

Focus 

“Digital transformation, and the fact we must innovate and transform or die, is exposing us to security vulnerabilities we are not prepared for. The old school approach of statically building and enforcing cybersecurity is at odds with the reality that change is accelerating and being driven by software,” says Thales A/NZ regional director of data security solutions Brian Grant.

 “Organisations must get the basics right while accommodating the breadth and speed of change. Only by embedding data protection into business processes through codification, rather than applying it as an afterthought to infrastructure, can we be successful. 

“While some organisations are talking a good story, with privacy, data protection and compliance often discussed at the board level, predicted spending shows that most have the wrong focus. Our research found that next year data protection will fall below the rate of attention, to an average of only 14% of IT security budgets. This laissez-faire attitude to data protection is leaving organisations across the region vulnerable to attack, with the potential to stifle innovation and business agility for years to come as a consequence of the loss in customer confidence, and impact on the bottom line from digital initiative failures or data breach remediation costs.”

Story image
Palo Alto Networks launches new SD-WAN solutions and enhancements
Palo Alto Networks has introduced two new SD-WAN appliances and enhancements to its next-generation SD-WAN solution, expanding the company’s CloudGenix SD-WAN solutions reach.More
Story image
Video: 10 Minute IT Jams - protecting data with user behaviour analytics
In this video, Forcepoint senior sales engineer and solutions architect Matthew Bant discusses the company's DLP solution, the importance of integrating compliance into security solutions, and why cybersecurity strategies should take a more people-based approach.More
Story image
Experiencing ransomware significantly impacts cybersecurity approach
"The survey findings illustrate clearly the impact of these near-impossible demands. Among other things, those hit by ransomware were found to have severely undermined confidence in their own cyber threat awareness."More
Story image
Why best-practice threat data management provides confident automation
Understanding an organisation’s threat landscape requires having both the right threat data sources and the proper prioritisation to derive actionable threat intelligence for your organisation. More
Story image
Video: 10 Minute IT Jams - Who is LogRhythm?
LogRhythm VP of sales for Asia Pacific Simon Howe, who discusses the company's primary offerings and services, what products the company is focused on for the future, and the infrastructure it has in the A/NZ market.More
Story image
Creating private data regulations for employees
Whether employees are hired on a part-time or full-time basis, everyone must know about data privacy regulations. Everyone needs to be responsible for keeping the organisation’s data secure. More