TMCnet News
87% of Mexican and 84% of Brazilian IT Decision Makers Say their Organization is Vulnerable to Data ThreatsSAN JOSE, Calif., May 18, 2015 /PRNewswire/ -- Vormetric, a Thales company, and a leader in enterprise data protection for physical, virtual, big data, and cloud environments, today announced the results of the Mexico and Brazil Edition of the 2016 Vormetric Data Threat Report (DTR). The report is issued in conjunction with analyst firm 451 Research with polling for the report featuring the responses of 1,100 senior IT security executives at large enterprises worldwide, including over 100 each in Mexico and Brazil. This edition of the 4th annual report extends earlier findings in the global report with detailed findings for Mexico and Brazil about perceptions of threats to data, rates of data breach failures, data security stances and IT security spending plans. Critical findings:
"Data breaches were a problem in every region we surveyed," said Garrett Bekker, senior analyst, information security, at 451 Research and the author of the report. "Clearly, IT security leaders in both Mexico and Brazil are worried about data breaches, but are being held back from adding data centric security by a perception of complexity (Mexico 49 percent, Brazil 50 percent) and lack of staff (Mexico 45 percent, Brazil 46 percent), while also increasing spending the most in legacy technologies like network and anti-virus security tools that are not able to ensure the safety of data once attackers compromise networks and systems." Internal and external threats External threats – Just as in the US and elsewhere across the world, organizations in Mexico and Brazil selected cybercriminals out for financial gain as the top external threat:
Internal threats – Ratings for the risks from insiders were a different story, while elsewhere in the world privileged users are the top concern, in Mexico and Brazil executives were rated as the top risk. Elsewhere organizations identified privileged users as the top threat, and with good reason. Because their roles give them access to all the data available to the systems or applications they manage, they are a primary risk for data theft internally, and their account information is a highly desired target for external attackers attempting to steal data. Top selections for the most dangerous insiders:
Compliance is a priority – but compliance is not enough Compliance standards are a business reality, and a fundamental requirement for many organizations. The problem is that these standards are slow moving, and quickly fall behind fast evolving attacks. In fact, breaches have occurred time after time at organizations that were certified compliant with PCI DSS or other standards. Yet high percentages of respondents viewed compliance requirements as either 'very' or 'extremely' effective in preventing data breaches. Ratings for compliance as 'very' or 'extremely' effective at stopping data breaches:
Old IT security spending habits continue – even as their effectiveness at protecting data falls For enterprises in both Mexico and Brazil, the study found that increases in IT security spending to protect data are concentrated in tools that consistently fail to stop today's multi-layer attacks: network and endpoint defenses, with data-at-rest defense spending a lower priority. Planned increases in spending over the next 12 months to protect data:
Sensitive data in the cloud Organizations in Mexico and Brazil are planning to use sensitive data within cloud environments at much higher rates than the average across the world, and are worried about it – with 80 percent of enterprises in Mexico and 79 percent in Brazil very or extremely concerned about potential exposures from use of sensitive data in cloud environments. Rates of storage of sensitive data in cloud environments:
The good news for Mexico and Brazil A real positive is the top driver for IT security spending in both countries, unlike the U.S where compliance is the top driver (52 percent), in Mexico and Brazil reputation and brand protection are the highest priorities (Mexico – 53 percent, Brazil – 54 percent). This is good news because a focus beyond compliance on protecting data can lead to a more effective data security stance than compliance alone can give. Other positives include:
Data-at-rest security tool plans – Many are also planning to implement 'newer' security tools that are more effective at protecting data even when other defenses have been compromised. These include tokenization (44 percent Mexico, 54 percent Brazil), application encryption (48 percent Mexico, 50 percent Brazil) security event and information management (SIEM) systems (50 percent Mexico, 45 percent Brazil) and privileged user access management (36 percent Mexico, 30 percent Brazil) "IT security leaders in both countries are investing to help solve the problem, but surprisingly, are failing to connect the dots about the best solutions to use," said Tina Stewart, Vormetric vice president of marketing. "Low levels of spending on data-at-rest security controls, and outdated investments in IT security technologies that are less effective at protecting data, are putting their organizations at risk." The research report is available from Vormetric and can be found here. About 451 Research 451 Research is a preeminent information technology research and advisory company. With a core focus on technology innovation and market disruption, we provide essential insight for leaders of the digital economy. More than 100 analysts and consultants deliver that insight via syndicated research, advisory services and live events to over 1,000 client organizations in North America, Europe and around the world. Founded in 2000 and headquartered in New York, 451 Research is a division of The 451 Group. About Vormetric, a Thales company Vormetric's comprehensive high-performance data protection platform helps companies move confidently and quickly. Our seamless and scalable platform is the most effective way to protect data wherever it resides—any file, database and application, in any server environment. Advanced transparent encryption, powerful access controls and centralized key management let organizations encrypt everything efficiently, with minimal disruption. Regardless of content, database or application—whether physical, virtual or in the cloud—Vormetric Data Security enables confidence, speed and trust by encrypting the data that builds business. Vormetric Data Security was recently acquired by Thales Group and is now a Thales company. Please visit: www.vormetric.com and find us on Twitter @Vormetric. About Thales Positioned as a value-added systems integrator, equipment supplier and service provider, Thales is one of Europe's leading players in the security market. The Group's security teams work with government agencies, local authorities and enterprise customers to develop and deploy integrated, resilient solutions to protect citizens, sensitive data and critical infrastructure. Drawing on its strong cryptographic capabilities, Thales is a global leader in data protection and one of the world leaders in cybersecurity products and solutions for defence, critical infrastructure and telecommunication operators, industrial and financial companies. Covering the entire cybersecurity chain, Thales offers a comprehensive range of services and solutions that includes: cybersecurity consulting and testing, cyber-secured software centric system design / development / integration and certification, provision and through-life management of data protection products and services, secured IT outsourcing and cloud computing solutions, as well as managed security services based on our network of Security Operation Centers in France, the United Kingdom and the Netherlands. Logo - http://photos.prnewswire.com/prnh/20130626/SF38541LOGO
To view the original version on PR Newswire, visit:http://www.prnewswire.com/news-releases/87-of-mexican-and-84-of-brazilian-it-decision-makers-say-their-organization-is-vulnerable-to-data-threats-300270543.html SOURCE Vormetric |