Fast-growing organisations often patch together a suite of data storage solutions that meet short term needs. The problem is that such deployments can lead to ad-hoc security solutions, duplications and inefficiencies; this also fails to address key-person risk where data security and continuity are concerned. The risks only grow as organisations get larger and more complex.
The Thales Global Data report 2021 highlights some worrying statistics regarding data integrity. The Report surveyed 2,600 executives with links to I.T. security across the globe. One hundred and fifty-two of the respondents were based in Australia or New Zealand (ANZ).
The results highlighted in the Report are pertinent given the stresses the global pandemic placed on data sharing between dislocated staff. Interestingly, only 23 per cent of respondents were able to say they had complete knowledge of where their data was stored. Moreover, half of all those surveyed have failed their compliance audits in the past 12 months.
ANZ based organisations were on average more likely to have had a breach in the past than their regional peer group, with 64 per cent reporting a breach versus 50 per cent in the broader region. In the last year alone, 47 per cent of ANZ respondents have been breached. Did the dispersed work environment of the global pandemic expose particular vulnerabilities in respect of data security?
Organisations are actively looking to patch the holes in their data vulnerabilities. Solutions included Zero Trust networks, encryption, tokenisation; 38 per cent have chosen multiple layers, usually five to seven critical solutions.
Brian Grant, ANZ Director for Cloud Protection and Licensing activities at Thales, commented that “the increased reliance on multi-cloud environments and the growing number of cyber threats is making security more challenging. It is concerning that a large number of organisations still don’t know where all their data is stored or are failing compliance audits, in particular as those are just the first step to achieving effective cyber protection. This is why embedded security through data anonymisation and Zero Trust strategies need to be prioritised if we want to future proof our digitised economy, guarantee privacy, and in the process avoid costly cyber incidents and data breach remediations”.
Which-50 has recently run a series of articles and hosted a panel discussion on Cyber Risk for Boards and Directors.
The next event will be a lunch and panel discussion in Melbourne in July. Please contact Which-50 for registration.