Upload File

andy kicklighter - 2016 vormetric data threat report

  • Home
  • Technology
  • Andy Kicklighter - 2016 Vormetric Data Threat Report
18
2016 VORMETRIC DATA THREAT REPORT Trends in Encryption and Data Security Sponsoring Partners Andy Kicklighter Director, Product Marketing

Upload: centralohioissa

Post on 13-Apr-2017

534 views

Category:

Technology


0 download

Report

TRANSCRIPT

Page 1: Andy Kicklighter - 2016 Vormetric Data Threat Report

2016 VORMETRIC DATA THREAT REPORTTrends in Encryption and Data Security

Sponsoring Partners

Andy KicklighterDirector, Product Marketing

Page 2: Andy Kicklighter - 2016 Vormetric Data Threat Report

2016 VORMETRICDATA THREAT REPORT

1114 IT DECISION MAKERSUS (505), UK (101), DE (100), JP (102), AUS(100), MEX (103), BRZ (103)

HealthcareRetail OtherEnterprise

FinancialServices

Enterprises of: $250M+ for US, UK, DE, JP$100M+ for BRZ, MEX, AUS

Polling and Analysis by 451 Research

100%

Government

Page 3: Andy Kicklighter - 2016 Vormetric Data Threat Report

WHY IS COMPLIANCETHE TOP CONCERN?

91% 61%VULNERABLE TO DATA THREATS

9%

61%

22%

8%

NOT VULNERABLESOMEWHATVULNERABLEVERY VULNERABLEEXTREMELY VULNERABLE

HAD A DATA BREACH

RATES OF VULNERABILITY TO DATA THREATS

Page 4: Andy Kicklighter - 2016 Vormetric Data Threat Report

COMPLIANCE DOES NOT EQUALDATA BREACH PREVENTION

64%46%

BELIEVE COMPLIANCE IS EFFECTIVE AT PREVENTING DATA BREACHES

Compliance does not ensure security”..being compliant does not mean you won’t be breached”

Garrett BekkerSr. Analyst Enterprise Security, 451 Research

(58% IN THE 2015 REPORT)

RANK COMPLIANCE AS A TOP 3 IT SECURITY SPENDING PRIORITY

Rates of ranking as a Top 3 IT Security Spending Priority 39% - BEST PRACTICES

32% - PARTNERS/CUSTOMERS

46% - COMPLIANCE

46% - REPUTATION AND BRAND PROTECTION

36% - DATA BREACH AVOIDANCE

Page 5: Andy Kicklighter - 2016 Vormetric Data Threat Report

PUTTING FAITH INTHE WRONG DEFENSES

INCREASES IN IT SECURITY SPENDING PLANS BY CATEGORY

44% - ANALYSIS & CORRELATION TOOLS

48% - NETWORK DEFENSES

40% - DATA IN MOTION DEFENSES

39% - DATA AT REST DEFENSES

… perimeter defenses offer little help defending against multi-stage attacks”

“It’s no longer enough just to secure networks and endpoints”

Garrett BekkerSr. Analyst Enterprise Security, 451 Research

… data-at-rest approaches have proven to be effective at protecting the data itself”

INCREASES IN SPENDING ON DATA AT REST DEFENSES FELL

47%

2014

39%

201544% - END POINT AND MOBILE

Page 6: Andy Kicklighter - 2016 Vormetric Data Threat Report

SOME ORGANIZATIONSARE GETTING IT RIGHT

58%INCREASING SPENDING ONIT SECURITYTO PROTECT SENSITIVE DATA

NOW MAKE PREVENTING DATA BREACHES A TOP SPENDING PRIORITY

36%

IMPLEMENTING EFFECTIVE DATA SECURITY TOOLS

39% - MULTI-FACTOR AUTHENTICATION

38% - SIEM SYSTEMS

40% - APPLICATION LAYER ENCRYPTION

39% - TOKENIZATION

38% - CLOUD SECURITY GATEWAY

Page 7: Andy Kicklighter - 2016 Vormetric Data Threat Report

39%

58%

45%

35%

EXECUTIVE MANAGEMENT

CONTRACTOR ACCOUNTS

INTERNAL AND EXTERNALDATA THREATSTHE MOST DANGEROUS INSIDERS (TOP 3 SELECTION)

TOP EXTERNAL THREATS

15% 12%39% 19% 15%CYBER CRIMINALS

HACKTIVISTSCYBER-

TERRORISTS

NATION STATES

COMPETITORS

PRIVILEGED USERS

SERVICE PROVIDER ACCOUNTS

Page 8: Andy Kicklighter - 2016 Vormetric Data Threat Report

70%

DRAMATIC INCREASE IN RATESOF SENSITIVE DATA USE IN THE CLOUD

USE OF SENSITIVE DATA IN CLOUD ENVIRONMENTS

54%

2015

85%

2016CONCERNS - HIGH

VERY OR EXTREMELY CONCERNED ABOUT SENSITIVE DATA IN

THE CLOUD

DATA SECURITY USAGE - LOW 24%

USING ENCRYPTION TO SAFEGUARD CLOUD

DATA TODAY

Page 9: Andy Kicklighter - 2016 Vormetric Data Threat Report

TOP CONCERNS FOR DATAWITH ADOPTING CLOUD SERVICES70% – GLOBAL SECURITY BREACHES /

ATTACKS AT CSP75% – U.S.

66% – GLOBAL73% – U.S.

SHARED INFRASTRUCTURE VULNERABILITIES

66% – GLOBAL LACK OF DATA LOCATION CONTROL70% – U.S.

65% – GLOBAL LACK OF DATA PRIVACY POLICY / SLA71% – U.S.

64% – GLOBAL CLOUD PRIVILEGED USER ABUSE/THREATS70% – U.S.

62% – GLOBAL MEETING COMPLIANCE REQUIREMENTS69% – U.S.

Page 10: Andy Kicklighter - 2016 Vormetric Data Threat Report

66% ONLINE BACKUP67% ONLINE STORAGE

GLOBAL RATES OF VERY OR EXTREMELY CONCERNED

53% COLLABORATION TOOLS

61% CRM / SOCIAL CRM57% ERP

66% ONLINE ACCOUNTING

51% ONLINE OFFICE SUITES

56% PROJECT / TASK MANAGEMENT

DATA PROTECTION CONCERNSARE HIGH FOR ALL SAAS APPLICATIONS

Page 11: Andy Kicklighter - 2016 Vormetric Data Threat Report

WHAT CAN CSP’s DO TO INCREASE ENTERPRISE CLOUD ADOPTION?

35%DATA

ENCRYPTION IN THE CLOUD

CSP KEY CONTROL

27%EXPOSURE OF

SECURITY MONITORING

DATA

36%DETAILED

PHYSICAL AND IT SECURITY

IMPLEMENTATION INFORMATION

48%

DATA ENCRYPTION IN

THE CLOUD

ENTERPRISE PREMISE KEY

CONTROL

TOP CHANGE FROM LAST YEAR

53%DATA ENCRYPTION IN THE

CLOUD WITH CSP KEY CONTROL

35%2015 2016

Page 12: Andy Kicklighter - 2016 Vormetric Data Threat Report

RATES OF SENSITIVE DATA USEBY EMERGING TECHNOLOGY TYPE

WHILE CLOUD HAS THE HIGHEST OVERALL ADOPTION, BIG DATA AND IoT ARE ALSO EMERGING QUICKLY AS LOCATIONS WHERE SENSITIVE DATA IS PRESENT

47% - PaaS

33% - IoT

53% - SaaS

50% - BIG DATA

47% - IaaS

85%TOTAL FOR CLOUD

(ALL TYPES)

Page 13: Andy Kicklighter - 2016 Vormetric Data Threat Report

SENSITIVE DATA USE INCREASESIN BIG DATA ENVIRONMENTS

SENSITIVE DATA MAY RESIDE ANYWHERE

PRIVACY VIOLATIONS - DATA ORIGINATES IN MANY COUNTRIES

41%

42%

40%

37%

33%

SECURITY OF REPORTS THAT MAY INCLUDE SENSITIVE

DATA

LACK OF SECURITYFRAMEWORKS AND CONTROLS

PRIVILEGED USER ACCESS TO PROTECTED DATA

USE OF SENSITIVE DATA IN BIG DATA

31%

2015

50%

2016

TOP 5 CONCERNS

Page 14: Andy Kicklighter - 2016 Vormetric Data Threat Report

DOUBLE JEOPARDY

BIG DATA IS OFTEN IMPLEMENTED IN

THE CLOUD

TOP 3 SELECTIONS FOR LOSS OF VOLUMES OF SENSITIVE DATA

BIG DATA - U.S. - MORE TO LOSEWITH HIGHEST SENSITIVE DATA USE

30% 27% 21%24% 22% 12%18%U.S. U.K. MEXICOBRAZIL GERMANYAUS JAPAN

Page 15: Andy Kicklighter - 2016 Vormetric Data Threat Report

IoT THREAT AWARENESS LOWCOMPARED TO CLOUD AND BIG DATA

MANY ORGANIZATIONS HAVE STRONG CONCERNS FOR THE SAFETY OF THEIR DATA

29% - IDENTIFYING WHICH DATA IS SENSITIVE

27% - IMPACT OF ATTACKS ON IoT DEVICES

35% - PROTECTING SENSITIVE DATA GENERATED BY IOT

30% - PRIVACY VIOLATIONS

28% - PRIVILEGED USER ACCESS TO DATA AND DEVICES

33%ORGANIZATIONS THAT

EXPECT SENSITIVE DATA USE IN IoT

Page 16: Andy Kicklighter - 2016 Vormetric Data Threat Report

WHAT SHOULDORGANIZATIONS BE DOING

Get a better handle on where organization is using sensitive data – Both internal and external locations

Discover and classify

Use platform solutions that deliver a broad range of data security solutions on a single platform to reduce costs

Data security platforms

Security analytics Use data access monitoring combined with other threat indicators to identify threat activity patterns

Encryption and access control

Use encryption for more than just compliance.Data Center: Consider an Encrypt Everything policyCloud: Encrypt and manage your keys appropriatelyBig Data: Make sure encryption includes access controlIoT: Encrypt on devices, in transit and on the back end

Page 17: Andy Kicklighter - 2016 Vormetric Data Threat Report

Vormetric Data Security#DefenderOfData

VisionTo Secure the World’s Information

Purpose Protect business assets and brand

Customers1500+ Customers Across 21 Countries17 of Fortune 30 30+ Cloud and Hosting Providers

Global PresenceGlobal Headquarters - San Jose, CA, USAEMEA Headquarters - Reading, United KingdomAPAC Headquarters - Singapore

Data-at-Rest Protection ProductsTransparent Encryption, Application-layer EncryptionTokenization with Dynamic Data MaskingCloud Encryption GatewayProtection for Teradata DatabaseKey Management

Page 18: Andy Kicklighter - 2016 Vormetric Data Threat Report

Questions?

NameTitle

Contact


2015 VORMETRIC INSIDER THREAT REPORT · INSIDER THREAT REPORT Trends and Future Directions in Data Security Sponsoring Partners . 2015 Vormetric Insider Threat Report HealthcareRetail

Data Sheet Vormetric Data Security Platorm Vormetric Data ...Teradata • SAP HANA • Docker containers • Oracle, IBM DB2, Microsoft SQL ... IBM InfoSphere Guardium Data Encryption,

VORMETRIC TRANSPARENT ENCRYPTION ARCHITECTURE · cloud, and big data environments. Vormetric Transparent Encryption offers support for file systems and storage architectures and it

Vormetric data security complying with pci dss encryption rules

Vormetric Data Security Platform · 2_ VORMETRIC DATA SECURITY PLATFORM As devastating security breaches continue

INFORME 2015 DE VORMETRIC SOBRE AMENAZAS … · 1 informe 2015 de vormetric sobre amenazas internas / edicin para mÉxico y brasil informe 2015 de vormetric sobre amenazas internas

VORMETRIC VAULTLESS TOKENIZATION WITH DYNAMIC DATA …enterprise-encryption.vormetric.com/rs/...Tokenization_White_Paper.pdf · White Paper Page | 3 Vormetric Vaultless Tokenization

Vormetric, Inc Vormetric Data Security Server Module FIPS 140

Vormetric Data Security Architecture - IBM

Vormetric Data Security Platformgo.thalesesecurity.com/rs/480-LWA-970/images/Vormetric... · 2020-02-23 · vormetric data security user guide failure of any transmission hardware,

Vormetric Data Security Platform€¦ · data protection across more environments, systems, applications, processes and users. With the Vormetric Data Security

Vormetric Data Security Platform - dcsr-uk · Vormetric Transparent Encryption Vormetric Transparent Encryption enables data-at-rest encryption, privileged user access control, and

Research Conducted by 2015 VORMETRIC INSIDER THREAT …enterprise-encryption.vormetric.com/rs/vormetric/images/CW_CP_Vo… · Big Data implementations represent another set of additional

2016 VORMETRIC DATA THREAT REPORTgo.thalesesecurity.com/rs/.../Vormetric_2016_Data... · 6 2016 VORMETRIC DATA THREAT REPORT GLOBAL EDITION Mobile, Cloud and Big Data: Driving Change,

Vormetric NIST 800-53 Mapping - Information Security …informationsecurity.report/Resources/Whitepapers/12676344-7fcd-44a5... · Vormetric NIST 800-53 Mapping Vormetric.com ... Security

Encryption Key Management - Vormetric Data … · 2018-05-11 · Vormetric Transparent Encryption delivers data-at-rest encryption, privileged user access

VORMETRIC TRANSPARENT ENCRYPTION ARCHITECTURE · Vormetric Transparent Encryption enables data-at-rest encryption, external key management, privileged user access control, and the

Research Conducted by 2015 VORMETRIC INSIDER THREAT …go.thalesesecurity.com/rs/vormetric/images/CW_CP_Vormetric_ITR... · Enterprise adoption of cloud and Big Data environments

Vormetric Addendum to VMware Solution Guide for …go.thalesesecurity.com/rs/vormetric/images/vormetric-coalfire-PCI... · Vormetric Addendum to VMware Solution Guide ... ways that

LMAtech 2015 - Baby Boomer Lawyer Tweeting - Kurt Kicklighter

Vormetric Data Security Manager Virtual Appliance …The Vormetric Data Security Manager Virtual Appliance module supports five distinct roles: System Administrator, Network Administrator,

Evaluation of the Vormetric Token Server

Vormetric Transparent Encryption Agent Compatibility Matrix

VORMETRIC TRANSPARENT ENCRYPTION ARCHITECTUREenterprise-encryption.vormetric.com/rs/vormetric/images/wp-vormetric-enterprise...implement encryption, without having to make changes

MongoDB and Vormetric: Implementing a Secure NoSQL …go.thalesesecurity.com/rs/480-LWA-970/images/Tha... · Secure NoSQL Environment Joint MongoDB and Vormetric Solution MongoDB

Vormetric Data Securityxnetworks.es/contents/Vormetric/Vormetric_Introduction.pdf · Vormetric Data Security: Encrypt, audit and control access to sensitive data files ! Transparent

Vormetric Data Security for SAP HANA

Vormetric Data Security

Research Conducted by Analyzed by 2015 VORMETRIC INSIDER ...i.crn.com/custom/14VR5164_GlobalReport_Web_eFile_011215.pdf · 2015 Vormetric Insider Threat Report provides present-day

Vormetric Data Security Manager ModuleNon-Proprietary Security Policy Vormetric Data Security Manager v 5.3.0 7 4.2 Strengths of Authentication Mechanisms Authentication Mechanism

Simplify Big Data Security & Management with Vormetric

Using Encryption and Access Control - Thales e-Securityenterprise-encryption.vormetric.com/rs/vormetric/images/Coalfire... · Vormetric and PCI Compliance in AWS Page 2 Executive

Getting Started with Transparent Encryption Vormetric ...€¦ · Getting Started with Transparent Encryption Vormetric Training 5.2.1 Lab Exercises: Vormetric Software ... Encryption

Vormetric Data Security Platform · 2017-05-18 · Vormetric Data Security Platform . CAPABILITIES Transparent file encryption

Vormetric Data Security Platform Vormetric Data Security ...The Vormetric Data Security Platform features these products: Vormetric Data Security Manager. Offers centralized management