Security
The data security money pit
Wednesday, January 25, 2017
|
Richard Harris |
93% of organizations suffer technical challenges to protect data despite heavy investment in security tools.
While data breaches destroy customer confidence, impact revenues, attract large regulatory fines and cost C-levels their jobs, 76% of data security professionals believe in the maturity of their data security strategy, according to a new study. Despite heavy investments in a variety of data security tools as part of their strategy, 93% report persistent technical challenges in protecting data.
“The Data Security Money Pit: Expense In Depth Hinders Maturity,” a January 2017 study conducted by Forrester Consulting on behalf of Varonis Systems, Inc., a software solutions provider that protects data from insider threats and cyber attacks, finds organizations “focused on threats rather than their data and do not have a good handle on understanding and controlling sensitive data.” The fragmented approach to data security exacerbates vulnerabilities and challenges, and 96% of these respondents believe a unified approach would benefit them, including preventing and more quickly responding to attempted attacks, limiting exposure and reducing complexity and cost. The study goes on to highlight specific areas where enterprise data security falls short.
- 62% of respondents have no idea where their most sensitive unstructured data resides
- 66% don’t classify this data properly
- 59% don’t enforce a least privilege model for access to this data
- 63% don’t audit use of this data and alert on abuses
Audio commentary by: David Gibson,
Vice President of Strategy and Market
Development for Varonis
David Gibson, Vice President of Strategy and Market Development with Varonis, states, “Many point products are designed to mitigate specific threats. If they’re used tactically, instead of supporting a strategy that improves the overall security of data, they can not only cost a lot of money, but also provide a false sense of security. Ransomware, for example, exploits the same internal deficiencies that a rogue or compromised insider might – insufficient detective capabilities and over-subscribed access. Too many organizations look for tools that specifically address ransomware, but neglect to buttress core defenses that would mitigate more than just this specific threat.”
In order to provide data visibility and controls organizations desire, the study states, “It’s time to put a stop to expense in depth and wrestling with cobbling together core capabilities via disparate solutions.” Almost 90% of respondents desire a unified data security platform. Within such a solution, 68% see the value of data classification, analytics and reporting to help reduce risk. Additional criteria also include meeting regulatory compliance (76%), aggregating key management capabilities (70%) and improving response to anomalous activity (68%). In summarizing the findings, Forrester writes, “A platform can help to address concerns and challenges that have sprouted from trying to make use of many disparate tools, freeing up resources to allow for greater focus on ensuring that firms have the correct policies, procedures and remediation actions in place to meet business and data security strategy objectives.”
The study was conducted of 150 data security professionals in the U.S. and Canada.
While data breaches destroy customer confidence, impact revenues, attract large regulatory fines and cost C-levels their jobs, 76% of data security professionals believe in the maturity of their data security strategy, according to a new study. Despite heavy investments in a variety of data security tools as part of their strategy, 93% report persistent technical challenges in protecting data.
“The Data Security Money Pit: Expense In Depth Hinders Maturity,” a January 2017 study conducted by Forrester Consulting on behalf of Varonis Systems, Inc., a software solutions provider that protects data from insider threats and cyber attacks, finds organizations “focused on threats rather than their data and do not have a good handle on understanding and controlling sensitive data.” The fragmented approach to data security exacerbates vulnerabilities and challenges, and 96% of these respondents believe a unified approach would benefit them, including preventing and more quickly responding to attempted attacks, limiting exposure and reducing complexity and cost. The study goes on to highlight specific areas where enterprise data security falls short.
Those key shortcomings are:
- 62% of respondents have no idea where their most sensitive unstructured data resides
- 66% don’t classify this data properly
- 59% don’t enforce a least privilege model for access to this data
- 63% don’t audit use of this data and alert on abuses
Audio commentary by: David Gibson,
Vice President of Strategy and Market
Development for Varonis
David Gibson, Vice President of Strategy and Market Development with Varonis, states, “Many point products are designed to mitigate specific threats. If they’re used tactically, instead of supporting a strategy that improves the overall security of data, they can not only cost a lot of money, but also provide a false sense of security. Ransomware, for example, exploits the same internal deficiencies that a rogue or compromised insider might – insufficient detective capabilities and over-subscribed access. Too many organizations look for tools that specifically address ransomware, but neglect to buttress core defenses that would mitigate more than just this specific threat.”
In order to provide data visibility and controls organizations desire, the study states, “It’s time to put a stop to expense in depth and wrestling with cobbling together core capabilities via disparate solutions.” Almost 90% of respondents desire a unified data security platform. Within such a solution, 68% see the value of data classification, analytics and reporting to help reduce risk. Additional criteria also include meeting regulatory compliance (76%), aggregating key management capabilities (70%) and improving response to anomalous activity (68%). In summarizing the findings, Forrester writes, “A platform can help to address concerns and challenges that have sprouted from trying to make use of many disparate tools, freeing up resources to allow for greater focus on ensuring that firms have the correct policies, procedures and remediation actions in place to meet business and data security strategy objectives.”
The study was conducted of 150 data security professionals in the U.S. and Canada.
Become a subscriber of App Developer Magazine for just $5.99 a month and take advantage of all these perks.
MEMBERS GET ACCESS TO
- - Exclusive content from leaders in the industry
- - Q&A articles from industry leaders
- - Tips and tricks from the most successful developers weekly
- - Monthly issues, including all 90+ back-issues since 2012
- - Event discounts and early-bird signups
- - Gain insight from top achievers in the app store
- - Learn what tools to use, what SDK's to use, and more
Subscribe here
