SAN JOSE, Calif., May 18, 2015 /PRNewswire/ -- Vormetric, a
Thales company, and a leader in enterprise data protection for
physical, virtual, big data, and cloud environments, today
announced the results of the Mexico and Brazil Edition of the 2016
Vormetric Data Threat Report (DTR). The report is issued in
conjunction with analyst firm 451 Research with polling for the
report featuring the responses of 1,100 senior IT security
executives at large enterprises worldwide, including over 100 each
in Mexico and Brazil. This edition of the 4th
annual report extends earlier findings in the global report with
detailed findings for Mexico and
Brazil about perceptions of
threats to data, rates of data breach failures, data security
stances and IT security spending plans. Critical findings:
- Enterprises feel vulnerable to data threats: 87 percent in
Mexico and 84 percent in
Brazil
(up from 69 percent in Brazil for
2015).
- 65 percent in Mexico and 62
percent in Brazil had experienced
a past data breach, indicating that there are good reasons for this
fear.
- The top external threats identified were attacks by
cybercriminals out for financial gain at 31 percent for
Mexico and 45 percent for
Brazil.
- Spending is increasing to offset these threats, with 65 percent
in Mexico and 73 percent in
Brazil increasing spending to
protect data.
- But spending is increasing fastest on defenses that are no
longer completely effective at protecting data: In Mexico network and endpoint defenses at 52
percent each, and in Brazil
network defenses at 60 percent and endpoint defenses at 58
percent.
Click to
Tweet:
|
Data Threats in
Mexico and Brazil: Enterprises at Risk #2016DataThreat
http://bit.ly/1Oe1Civ
|
"Data breaches were a problem in every region we surveyed," said
Garrett Bekker, senior analyst, information security, at 451
Research and the author of the report. "Clearly, IT security
leaders in both Mexico and
Brazil are worried about data
breaches, but are being held back from adding data centric security
by a perception of complexity (Mexico 49 percent, Brazil 50 percent) and lack of staff
(Mexico 45 percent, Brazil 46 percent), while also increasing
spending the most in legacy technologies like network and
anti-virus security tools that are not able to ensure the safety of
data once attackers compromise networks and systems."
Internal and external threats
External threats – Just as in the US and elsewhere across the
world, organizations in Mexico and
Brazil selected cybercriminals out
for financial gain as the top external threat:
- Mexico – 31 percent
- Brazil – 45 percent
- U.S. – 41 percent
Internal threats – Ratings for the risks from insiders were a
different story, while elsewhere in the world privileged users are
the top concern, in Mexico and
Brazil executives were rated as
the top risk. Elsewhere organizations identified privileged users
as the top threat, and with good reason. Because their roles give
them access to all the data available to the systems or
applications they manage, they are a primary risk for data theft
internally, and their account information is a highly desired
target for external attackers attempting to steal data.
Top selections for the most dangerous insiders:
- Executives: Mexico – 58
percent, Brazil – 54 percent,
U.S. – 46 percent
- Privileged users: Mexico – 53
percent, Brazil – 51 percent, U.S.
– 63 percent
Compliance is a priority – but compliance is not
enough
Compliance standards are a business reality, and a fundamental
requirement for many organizations. The problem is that these
standards are slow moving, and quickly fall behind fast evolving
attacks. In fact, breaches have occurred time after time at
organizations that were certified compliant with PCI DSS or other
standards. Yet high percentages of respondents viewed compliance
requirements as either 'very' or 'extremely' effective in
preventing data breaches.
Ratings for compliance as 'very' or 'extremely' effective at
stopping data breaches:
- Brazil – 83 percent (highest
percentage globally)
- Mexico – 57 percent
- U.S. – 67 percent
Old IT security spending habits continue – even as their
effectiveness at protecting data falls
For enterprises in both Mexico
and Brazil, the study found that
increases in IT security spending to protect data are concentrated
in tools that consistently fail to stop today's multi-layer
attacks: network and endpoint defenses, with data-at-rest defense
spending a lower priority. Planned increases in spending over the
next 12 months to protect data:
- Network defenses: Brazil – 60
percent, Mexico – 52 percent
- Endpoint and mobile defenses: Brazil – 58 percent, Mexico – 52 percent
- Data-at-rest defenses: Brazil
– 48 percent, Mexico – 40
percent
Sensitive data in the cloud
Organizations in Mexico and
Brazil are planning to use
sensitive data within cloud environments at much higher rates than
the average across the world, and are worried about it – with 80
percent of enterprises in Mexico
and 79 percent in Brazil very or
extremely concerned about potential exposures from use of sensitive
data in cloud environments.
Rates of storage of sensitive data in cloud environments:
- Software as a Service (SaaS): Mexico – 64 percent, Brazil – 71 percent, global – 53 percent
- Infrastructure as a Service (IaaS): Mexico – 61 percent, Brazil – 60 percent, global – 53 percent
- Platform as a Service (PaaS): Mexico – 50 percent, Brazil – 63 percent, global – 49 percent
The good news for Mexico and
Brazil
A real positive is the top driver for IT security spending in
both countries, unlike the U.S where compliance is the top driver
(52 percent), in Mexico and
Brazil reputation and brand
protection are the highest priorities (Mexico – 53 percent, Brazil – 54 percent). This is good news
because a focus beyond compliance on protecting data can lead to a
more effective data security stance than compliance alone can
give.
Other positives include:
- Increases in spending to protect sensitive data: 64 percent in
Mexico and 62 percent in
Brazil
- Plans to invest in data-at-rest defenses this year: 40 percent
in Mexico and 48 percent in
Brazil
Data-at-rest security tool plans – Many are also planning to
implement 'newer' security tools that are more effective at
protecting data even when other defenses have been compromised.
These include tokenization (44 percent Mexico, 54 percent Brazil), application encryption (48 percent
Mexico, 50 percent Brazil) security event and information
management (SIEM) systems (50 percent Mexico, 45 percent Brazil) and privileged user access management
(36 percent Mexico, 30 percent
Brazil)
"IT security leaders in both countries are investing to help
solve the problem, but surprisingly, are failing to connect the
dots about the best solutions to use," said Tina Stewart, Vormetric vice president of
marketing. "Low levels of spending on data-at-rest security
controls, and outdated investments in IT security technologies that
are less effective at protecting data, are putting their
organizations at risk."
The research report is available from Vormetric and can be found
here.
About 451 Research
451 Research is a preeminent information technology research and
advisory company. With a core focus on technology innovation and
market disruption, we provide essential insight for leaders of the
digital economy. More than 100 analysts and consultants deliver
that insight via syndicated research, advisory services and live
events to over 1,000 client organizations in North America, Europe and around the world. Founded in 2000
and headquartered in New York, 451
Research is a division of The 451 Group.
About Vormetric, a Thales company
Vormetric's comprehensive high-performance data protection
platform helps companies move confidently and quickly. Our seamless
and scalable platform is the most effective way to protect data
wherever it resides—any file, database and application, in any
server environment. Advanced transparent encryption, powerful
access controls and centralized key management let organizations
encrypt everything efficiently, with minimal disruption. Regardless
of content, database or application—whether physical, virtual or in
the cloud—Vormetric Data Security enables confidence, speed and
trust by encrypting the data that builds business. Vormetric
Data Security was recently acquired by Thales Group and is now a
Thales company.
Please visit: www.vormetric.com and find us on Twitter
@Vormetric.
About Thales
Thales is a global technology leader for
the Aerospace, Transport, Defence and Security markets. With 62,000
employees in 56 countries, Thales reported sales of €14 billion in
2015. With over 22,000 engineers and researchers, Thales has a
unique capability to design and deploy equipment, systems and
services to meet the most complex security requirements. Its
exceptional international footprint allows it to work closely with
its customers all over the world.
Positioned as a value-added systems integrator, equipment
supplier and service provider, Thales is one of Europe's leading players in the security
market. The Group's security teams work with government agencies,
local authorities and enterprise customers to develop and deploy
integrated, resilient solutions to protect citizens, sensitive data
and critical infrastructure.
Drawing on its strong cryptographic capabilities, Thales is a
global leader in data protection and one of the world leaders in
cybersecurity products and solutions for defence, critical
infrastructure and telecommunication operators, industrial and
financial companies. Covering the entire cybersecurity chain,
Thales offers a comprehensive range of services and solutions that
includes: cybersecurity consulting and testing, cyber-secured
software centric system design / development / integration and
certification, provision and through-life management of data
protection products and services, secured IT outsourcing and cloud
computing solutions, as well as managed security services based on
our network of Security Operation Centers in France, the United
Kingdom and the
Netherlands.
Logo -
http://photos.prnewswire.com/prnh/20130626/SF38541LOGO
To view the original version on PR Newswire,
visit:http://www.prnewswire.com/news-releases/87-of-mexican-and-84-of-brazilian-it-decision-makers-say-their-organization-is-vulnerable-to-data-threats-300270543.html
SOURCE Vormetric