Heureka’s part in the changing face of data security
With the rapid proliferation of digital technologies like cloud, mobile, social and the Internet of Things, and a wide array of storage locations like desktops, laptops file shares and cloud, data security is the continual critical component to the operations of most any organization.
A recent report from Thales eSecurity, The Changing Face of Data Security: 2019 Thales Data Threat Report, details a global digital transformation (DX) and shows how organizations can begin to adapt with the changing face of data security.
Heureka often cites three critical statistics in conveying the magnitude of this topic: 80% of organizational data is unstructured, this unstructured data is estimated to be growing at 63% annually and 70% of data is redundant, obsolete or trivial (ROT).
What is changing
Information security professionals are being stretched thin, according to the report, which is based on a global International Data Corporation (IDC) survey of 1,200 executives.
Security pros are confronting a serious threat environment, in which breaches are commonplace, while at the same time trying to adapt to the massive migration of data away from “locked vaults” in an organization’s data center to the cloud. Many corporations migrating the data are blind to the risk of data content or whether the data actually has any intrinsic value to the company at all. Considering a huge percentage of data is considered ROT, data maps across unstructured data become a valuable tool in the migration of data.
Digital transformation is well underway, the report’s survey shows.
By the Numbers:
3%: Share of survey respondents who say they have no digital transformation stance or strategy
19%: Apply digital transformation in an ad-hoc manner, case-by-case manner
14%: Basic digital capabilities executed on an isolated opportunistic project basis
24%: IT goals are aligned with enterprise near-term strategy with documented, standardized, repeatable digital capabilities
24%: Digital capabilities are embedded in the enterprise and tightly linked to an agile management vision
15%: Aggressively disruptive in our use of new digital technologies and business models to affect markets
IDC found that, while digital transformation is providing benefits to organizations and their customers, it is creating a digital divide between “haves”—those aggressively implementing modern IT architectures—and “have-nots.”
Ironically, however, the “haves” could be in a more difficult position from a security outlook because, with limited budgets, these organizations are propping up old infrastructures while at the same time introducing DX technologies.
The report’s findings related to security spend are alarming.
Did You Know: “This year, only 50% of companies told IDC that they expect an increase in their security budget, a lower position compared to last year’s report, when 79% of organizations expected to spend more.”
Another trend taking shape is that threat vectors are shifting to external actors, leading to a significant share of respondents reporting a breach.
By the Numbers:
60%: Global share that report having a breach at some point in their history
30%: Experienced a breach in the past year
65%: Share in the U.S. that experienced a breach at some point
34%: Share in the U.S. that experienced a breach in the past year
86%: Share of respondents acknowledging they are vulnerable to data security threats
Lastly, regulatory and compliance changes are introducing new challenges.
Thales reports there are now more than 100 privacy laws and initiatives promoted by governments around the world including: EU’s GDPR, Germany’s BDSG and standards in California and New York.
Did You Know: “When asked how they are addressing data privacy and sovereignty issues, encryption and tokenization emerged as the leading method of addressing them, with 44% of respondents saying they encrypt personal data subject to privacy/sovereignty regulations, and another 19% using tokenization.
How to respond
Digital transformation is creating complexity and changing the way data is migrated and stored.
Organizations are using a multi-layered approach to keep pace with this rapidly changing nature of data security, with respondents placing a roughly equal amount of focus on network (36%), data (34%) and application security (30%).
With budgets that are not keeping pace with increasingly stringent regulatory and compliance environments, security professionals need tools such as Heureka to assist. The following is guidance from both the report and how Heureka is aligned in this area.
- Understand what data you have and where it exists. Cyber budgets are stretched thin enough, but knowing what data your organization has and especially what type of risk is present allows you to create a more targeted cyber security plan.
- Focus on all threat vectors. Threats are both external and internal to an organization. Don’t assume technology and processes already in place are sufficient.
- Invest in modern, hybrid and multi-cloud-based data security tools and measures that scale to modern architectures. Organizations should focus on solutions that can simplify the data security landscape and reduce complexity.
- Do more with less. Security professionals should identify solutions that address multiple layers of security concerns in a cost-effective manner, while also reducing the burden on operating staff.
- Prioritize compliance and sovereignty issues. Policymakers are following Europe’s lead to further protect citizens’ data. Organizations should become familiar with the regulatory environments in which they operate.
The bottom line is that no organization is 100% safe from data security risks. History has proven that even the most sophisticated companies are getting breached or becoming victims of ransomware attacks.
In the simplest of terms, you and your organization must begin to understand the nature of your data. Heureka allows you to gain insight and control over your unstructured data at a level never thought possible. Heureka covers a once unheard of level of data sources including desktops, laptops, file shares and cloud sources running any combination of Windows, macOS or Linux. Heureka helps in the following ways:
- Proactively mitigate risk: Quantify risk exposure and increase business resiliency by finding and eliminating data with no business, legal or regulatory value. In other words, eliminate ROT.
- Ensure Governance and Compliance: Regularly audit governance and compliance policies to measure effectiveness.
- Reduce Migration Costs: Search and analyze data at the point of creation and understand data content before migrating data to cloud sources. The reduction of redundant, obsolete or trivial data can have a tremendous cost savings as you may have to store 50-60% less data.
Visit HeurekaSoftware.com for more information.