PROOF THAT DATA ON ANY SYSTEM CAN BE ATTACKED AND COMPROMISED.â âGarrett Bekker, 451 Research Principal Analyst, Inf
FINANCIAL SERVICES THREATS TO FINANCIAL SERVICES DATA CONTINUE TO INCREASE “TODAY’S UNBROKEN STRING OF HIGH PROFILE DATA BREACHES SERVES AS STARK PROOF THAT DATA ON ANY SYSTEM CAN BE ATTACKED AND COMPROMISED.” —Garrett Bekker, 451 Research Principal Analyst, Information Security
INCREASING DATA BREACHES, EVEN WHILE IT SECURITY SPENDING CONTINUES TO RATCHET UP
Experienced a data breach at some time Experienced a data breach in the last year
42%
Experienced a data breach both in the last year and previously
24%
Especially troubling – Some aren’t learning from previous mistakes
12%
Custodians of the world’s financial data aren’t doing as well as retailers or healthcare providers in the last year: 34%
Federal Government
24%
Financial Services
20%
Healthcare
19%
Retail
Even while data security spending at U.S. Financial Services firms increases for the third year in a row:
78%
53%
58%
Are increasing IT security spending for 2017
Increases in 2016 and 2015
DATA AT REST PROTECTION NEEDS TO BE A HIGHER PRIORITY “What is perhaps more disturbing is that in both the U.S. and global financial services sectors, data security ranks at the bottom in terms of spending plans. For example, in U.S. financial services, data-at-rest security was selected by 52%, and data-in-motion defenses by 50%, dead last among all choices.” —Garrett Bekker, 451 Research Principal Analyst, Information Security
2017 IT Security spending increases in U.S. Financial Services
Analysis & correlation tools
Network
73%
Endpoint & mobile
54%
59%
Spending Increase
Spending Increase
Spending Increase
Data at rest
Data in motion
52%
50%
Spending Increase
Spending Increase
ADVANCED TECHNOLOGY USAGE ESCALATES – COMPOUNDING THE PROBLEM “The sad truth is that as the data breaches continue to pile up, we continue to spend the bulk of our resources on the same old solutions, while approaches like data security that could arguably do a better job of protecting data, particularly among new technologies like cloud, Big Data and IoT, continue to lag.” —Garrett Bekker, 451 Research Principal Analyst, Information Security
96%
47%
use sensitive data in advanced technology environments
say that these deployments occur without data security to protect sensitive information
U.S. Financial Services rates of sensitive data use by advanced technology environment: Saas Big Data Iaas Mobile Paas IoT Containers Blockchain
23%
14%
61% 58%
45% 40% 39% 35%
GOOD NEWS – RECOGNITION THAT ENCRYPTION ENABLES DIGITAL TRANSFORMATION WITH ADVANCED TECHNOLOGIES 010101010010101 010101010101010 101010101010101 010101010101010 101010101010101 010101010101010
Big Data
Cloud
Encryption enables further adoption of cloud
Encryption offsets top security concerns U.S.
60%
49%
U.S.
Global
Global
37%
39%
39%
41%
43%
46%
Privacy violations Security of reports
Data encryption in the cloud with enterprise premise key control
Sensitive data everywhere
Containers
IoT
Encryption the top control needed to enable greater adoption
The top technologies needed to expand usage U.S. Global
49%
49%
58%
42%
55%
Global
54% U.S.
Data encryption Secure digital identity (an encryption technology)
WHAT TO DO ABOUT IT 1
RE-PRIORITIZE YOUR IT SECURITY TOOL SET Cloud and SaaS break legacy IT security models – Data security with encryption and access controls across environments is required
2
DISCOVER AND CLASSIFY Get a better handle on the location of sensitive data, particularly for Cloud, Big Data, Containers and IoT
Service-based solutions and platforms that include automation are preferred for reduced costs and simplicity
3
DON’T JUST CHECK OFF THE COMPLIANCE BOX Move beyond compliance to greater use of encryption and BYOK, especially for cloud and other advanced technology environments
4
ENCRYPTION AND ACCESS CONTROL Encryption needs to move beyond laptops and desktops Data center: File and application level encryption and access controls
Containers: Encrypt and control access to data – within containers and underlying storage
Cloud: Encrypt and manage keys locally, BYOK enables safe SaaS, PaaS and IaaS
IoT: Use secure device ID and authentication, as well as encryption of data at rest on devices, back end systems and in transit to limit data threats
Big Data: Encryption and access control within the environment
CLICK TO DOWNLOAD REPORT
FOLLOW US ON:
