Across the board, companies are racing to digitally transform and move more applications and data to the cloud; two-fifths (37%) of European countries stated they are aggressively disrupting the markets they participate in or embedding digital capabilities to enable greater enterprise agility. A key aspect of this transformation is in the cloud becoming the leading data environment. Nearly half (46%) of all data stored by European organisations is now stored in the cloud, and with 43% of that data in the cloud being described as sensitive, it is essential that it is kept safe.
As more sensitive data is stored in cloud environments, however, data security risks increase. This is of particular concern given that 100% of businesses surveyed report that at least some of the sensitive data they are storing in the cloud is not encrypted. Only 54% of sensitive data in the cloud is protected by encryption and even less (44%) is protected by tokenisation, highlighting the disconnect between the level of investment companies are making into cybersecurity and the increasing threats they face.
Multi-Cloud Adoption Complicates Data Security
Despite the multitude of threats, businesses feel that the complexity (40%) of their environments is holding their data security capabilities back. Multi-cloud adoption is the main driver of this complexity; four-fifths (80%) of businesses are using more than one IaaS (Infrastructure as a Service) vendor, whilst a third (29%) have more than 50 SaaS (Software as a Service) applications to manage. Businesses also identified a lack of budget (30%), staff to manage (28%) and organisation buy-in/low priority (25%) as other top blockers.
“Businesses are continuing to race towards digital transformation and many are increasingly reliant on complex cloud environments, without taking a zero-trust approach. Data is more at risk than ever, whilst organisations are unwittingly creating the perfect storm for hackers by not implementing the security basics,” commented Rob Elliss, EMEA Vice President for Data Security solutions at Thales. “Unfortunately, this will result in increasing problems, particularly in a world where working remotely will be part of the new-normal, unless companies can step up to the plate when it comes to keeping data safe.”
Quantum(fying) the problem
Whilst organisations continue to look at the threat of today, many are starting to turn their attention to peril that the acceleration of computing power, quantum, could bring to them. In fact, almost all (93%) respondents are concerned quantum computing will lead to exploits being created that could expose the sensitive data they hold. What’s more, seven in 10 (69%) European organisations expect quantum to affect their cryptographic operations in the next five years.
As a result, most organisations are reacting, with a third (31%) planning to offset quantum computing threats by switching away from static encryption or symmetric cryptography. Furthermore, a similar amount (30%) plans to implement key management that supports quantum safe random number generator.
“It is clear that businesses are aware of evolving threats they face and it’s reassuring to see them acknowledging some of the key steps they need to take – including moving away from static encryption and implementing quantum-proof key management. It’s critical, though, that organisations don’t just look at threats years away, but invest in their cybersecurity processes now and see it as an integral part of their digital transformation,” Rob concluded.