Organizations reached a global cloud tipping point causing them to struggle with security challenges of digital transformation (DX), according to a Thales study. Today, half (50%) of all corporate data is stored in the cloud and nearly half (48%) of that data is considered sensitive. With multi-cloud usage becoming the new normal for companies, all respondents said at least some of the sensitive data stored in the cloud is not encrypted and 49% globally indicated that they have experienced a breach. In addition to DX and multi-cloud complexities, the global study shows that quantum computing has skyrocketed as a major concern with 72% of organizations claiming it will affect their security and cryptographic operations in the next five years.
The rush for digital transformation and the security fallout
With input from 1,723 executives with responsibility for, or influence over, IT and data security around the world, the study dove deeper into the specific security challenges resulting from the “DX Era.” The study revealed that the more digitally transformed, the more likely an organization is to be breached. While organizations pursing DX are capturing competitive advantages, the worldwide rush to implement disruptive technologies is creating new vulnerabilities resulting in data breaches and compliance audit failures. According to the study, 45% of organizations in the top two DX categories, Software as a Service (SaaS) and social media, experienced a breach in the past year.
Multi-cloud is the new normal, but a top barrier to data security
Companies are using multiple Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) environments, as well as hundreds of SaaS applications. 81% are using more than one IaaS vendor (the U.S. figure is 86%), 81% have more than one PaaS vendor (the U.S. figure is 86%), and 11% have more than 100 SaaS applications to manage. As more data migrates to the cloud, security becomes more complex. Nearly 40% of respondents rate complexity as their top perceived barrier to implementing data security, down slightly from 44% last year.
Quantum computing is on the horizon
The global study draws new attention to the anticipated impact of quantum computing. Within the next five years, 72% of organizations believe quantum computing power will affect their data security operations while 27% see it as a threat within the next year, highlighting the need for organizations to improve their post-quantum encryption strength.
Not all industries are embracing digital transformation at the same rate
The study also explores how government, financial services, healthcare, and retail sectors embrace digital transformation in varying degrees and the associated security challenges. Global federal government organizations view themselves as most advanced, with nearly half (49%) of government respondents as either aggressively disrupting the markets they participate in, or are embedding, digital capabilities that enable greater enterprise agility. Healthcare followed closely at 47%, retail at 45%, and financial services at 30%. 54% of financial services respondents experienced a data breach or failed compliance audit this year, followed by government at 52%, retail at 49%, and healthcare at just 37%.
Key takeaways for improving data security
Data security is challenging, but across big data, IoT and containers, encryption is a key driver for adoption and usage. The study recommends the following key strategies for security professionals:
- Invest in modern, hybrid and multi-cloud-based data security tools that make the shared responsibility model work.
- Consider a zero-trust model to secure data.
- Increase focus on data discovery solutions and centralization of key management to strengthen data security.
- Focus on the threat vectors within their control.
- Utilize encryption to remain vigilant against today’s data risk reality.