Digital transformation, advanced attacks and strict new regulation causing turmoil among U.S. Financial Services organizations and putting data at riskNew report identifies a rush to embrace innovative technologies is creating new attack surfaces via cloud, IoT, mobile, blockchain, machine learning and AI.
SAN JOSE, Calif., Dec. 4, 2018 /PRNewswire/ — Thales, a leader in critical information systems, cybersecurity and data security, announces that digital transformation is driving turmoil among U.S. financial services organizations and leaving sensitive data at risk according to its 2018 Thales Data Threat Report, Financial Services Edition.
Digital transformation brings risk with reward
The U.S. financial services industry has hastily entered the digital transformation era, but this is not balanced with appropriate security measures. Almost two thirds (65%) of U.S. financial services organizations have now suffered a data breach, with 36% having suffered a breach in the past year – and that figure has more than doubled in the past two years.
Every piece of information used to run a financial services business creates risk – financial data in accounts and investments, personal data on account holders. Add to that new technologies including cloud, containers, mobile payments, blockchain, IoT, machine learning and AI – and while these might help meet the increased consumer and business demands for improved services and experience, the industry opens itself up to new avenues for attacks and breaches.
Cloud usage with sensitive data is especially high in the financial services industry at 85%. Multiple cloud usage is also high with 64% of organizations using more than 25 SaaS applications and 57% using 3 or more IaaS vendors. This creates a new problem of how to secure data cross multiple cloud deployments.
Stop Groundhog Day: Put the money where the risk is
Security spending is up but not aligning with the new risks. While 84% of organizations report a spending increase on IT security, and 33% registering a significant increase, they are not spending IT security dollars where they matter most. The majority (88%) of IT security pros acknowledge data-at-rest defenses are most effective at protecting data, but only 58% registered a spending increase for those specific tools. Fifty-six percent recognized encryption as the top tool required to increase cloud usage and 71% recognize that managing encryption keys across multi-cloud environments is a problem that needs to be solved.
Garrett Bekker, principal analyst for information security at 451 Research says:
“A common theme we have observed across virtually every vertical and geographic market in the Thales 2018 Global Data Threat Report also held true for U.S. financial services: namely spending the most on defenses deemed least effective. This creates a Groundhog Day phenomenon where the times have changed, but security strategies have not. Organizations need to change how they protect their data. With increasingly porous networks and expanding use of external resources (SaaS, PaaS and IaaS most especially), traditional endpoint and network security are no longer sufficient safeguards. The good news is that the financial services industry understands the problem and recognizes the need for encryption to protect sensitive data.”
Peter Galvin, chief strategy officer, Thales eSecurity says:
“Digital transformation as well as the increased number and sophistication of attacks, all combine to leave the data belonging to financial services organizations at risk. Encryption is proven to be the most effective technology to protect data, wherever it resides, as well as help meet compliance mandates. As new technologies such as cloud IoT and mobile payments are increasingly adopted by financial organizations looking for a competitive edge, the security risks they bring must be addressed.”
For more key findings and security best practices download a copy of the new 2018 Thales Data Threat Report, Financial Services Edition.
Industry insight and views on the latest data security trends can be found on the Thales eSecurity blog at blog.thalesesecurity.com.
Follow Thales eSecurity on Twitter @Thalesesecurity, and on LinkedIn, Facebook and YouTube.
About Thales eSecurity
Thales eSecurity is a leader in advanced data security solutions and services that deliver trust wherever information is created, shared or stored. We ensure that the data belonging to companies and government entities is both secure and trusted in any environment – on-premises, in the cloud, in data centres or big data environments – without sacrificing business agility. Security doesn’t just reduce risk, it’s an enabler of the digital initiatives that now permeate our daily lives – digital money, e-identities, healthcare, connected cars and, with the internet of things (IoT), even household devices. Thales provides everything an organisation needs to protect and manage its data, identities and intellectual property, and meet regulatory compliance – through encryption, advanced key management, tokenisation, and privileged-user control and high-assurance solutions. Security professionals around the globe rely on Thales to confidently accelerate their organisation’s digital transformation. Thales eSecurity is part of Thales Group.
The people we all rely on to make the world go round – they rely on Thales. Our customers come to us with big ambitions: to make life better, to keep us safer. Combining a unique diversity of expertise, talents and cultures, our architects design and deliver extraordinary high technology solutions. Solutions that make tomorrow possible, today. From the bottom of the oceans to the depth of space and cyberspace, we help our customers think smarter and act faster – mastering ever greater complexity and every decisive moment along the way. With 65,000 employees in 56 countries, Thales reported sales of €15.8 billion in 2017.