Enterprise digital transformation leaves data security behind

Implementing modern systems could have a sinister side-effect for enterprise companies.

60 percent of routers haven't had a firmware update, hacking expected to get worse Vulnerabilities in routers are an easy target for hackers - and attacks are becoming more destructive.

The rush to embrace new technologies in the name of business modernization, supply chain efficiency, visibility, and cost savings is leading to an increased risk of data compromise, researchers claim.

The 2019 Thales Data Threat Report, released on Tuesday, is based on a survey in which 1,200 IT and security executives contributed from organizations in nine countries. The research suggests that while organizations are adopting next-generation technologies, cybersecurity is still lacking in many cases.

The Internet of Things (IoT), Big Data, analytics, mobile payments, cloud services, edge computing, and AI are all examples of technology which are being both invested in and adopted now by companies.

These technologies, if implemented as part of a wider digital strategy, can benefit the enterprise in countless ways -- whether this is through the analysis of data which reveals new businesses opportunities, opening up new payment methods to increase customer orders, predictive maintenance of equipment in supply chains, or through the creation of smart chatbots, among many other examples.

However, Thales suggests that in the rush to adopt new solutions -- of which the majority of survey respondents said sensitive data is used in tandem with digitally transformative technologies -- encryption and protection is not as high on the priority list.

See also: This is how hackers can wipe your memory and steal your thoughts

While sensitive corporate or customer data is linked to new digital solutions in 97 percent of cases, fewer than 30 percent of these same respondents said that encryption is being used within these environments.

According to the survey, enterprise players that are aggressively overhauling their systems with new technologies are skating on the thinnest ice, with 28 percent running the highest risk of experiencing a data breach by ignoring suitable security standards in their enthusiasm.

However, there are a few areas in which encryption usage is in above-average use. In total, 42 percent of organizations using IoT, 47 percent of businesses using container technology, and 45 percent of companies which have adopted Big Data solutions use encryption in some form or another.

TechRepublic: 5 ways to enforce company security

The cloud is also proving to be a challenge for some organizations. Nine out of 10 survey respondents said their companies either are or will be using a cloud environment, and 44 percent of executives added that environmental complexity is proving to be a barrier to implementing strong data security measures -- far beyond budgets or staffing.

You may expect that in a time where data breaches make the news daily, massive data dumps are being leaked online, and companies ranging from the smallest SMB to Google are being fined for poor data practices, spending in data security would command a substantial amount in an IT budget.

However, Thales' research suggests this is not the case.

Half of the organizations surveyed said that only six to 15 percent of their security budgets are being spent on data security -- a figure which amounts to an average of 0.6 to 3 percent of an overall IT budget.

screenshot-2019-01-28-at-17-56-10.png

CNET: Samsung SmartThings still hasn't earned my trust in the smart home

"Data security is vitally important," says Tina Stewart, vice president of market strategy at Thales eSecurity. "Organizations need to take a fresh look at how they implement a data security and encryption strategy in support of their transition to the cloud and meeting regulatory and compliance mandates."

Previous and related coverage