Vanilla+ : Businesses collect more data than they can handle, reveals Gemalto

vanillaplusWith pressure to ensure consumer data is protected mounting, Gemalto, the provider in digital security, released the results of a global study which reveals that two in three companies (65%) are unable to analyse all the data they collect and only half (54%) of companies know where all of their sensitive data is stored. Compounding this uncertainty, more than two thirds of organisations (68%) admit they don’t carry out all the procedures in line with data protection laws such as GDPR.

“If businesses can’t analyse all of the data they collect, they can’t understand the value of it – and that means they won’t know how to apply the appropriate security controls to that data,” says Jason Hart, vice president and CTO for data protection at Gemalto.

“Whether it’s selling it on the dark web, manipulating it for financial gain or to damage reputations, unsecured data is a goldmine for hackers. You only need to look at the recent hacks on the World Anti-Doping Agency and International Luge Federation to see the damage that can be done.”

“What’s more, data manipulation can take years to discover, and with data informing everything from business strategy to sales and product development, its value and integrity cannot be underestimated.”

To read the full article click here.

Digital Insurance: Businesses avidly gather data and then fail to use it, a new study finds

digital-insurance-logoLike a compulsive shopper who continually purchases items that will never be used, most businesses are collecting far more data on their customers than they can ever analyze—or even properly classify. And like that shopper who’s in danger of mounting credit card debt, businesses engaged in uncontrolled data gathering also face a costly risk that they may be in violation of new data privacy laws.

“If businesses can’t analyze all of the data they collect, they can’t understand the value of it—and that means they won’t know how to apply the appropriate security controls to that data,” says Jason Hart, Gemalto’s vice president and CTO for data protection. “Whether it’s selling it on the dark web [or] manipulating it for financial gain unsecured data is a goldmine for hackers. What’s more, data manipulation can take years to discover, and with data informing everything from business strategy to sales and product development, its value and integrity cannot be underestimated.”

To read the full article click here.

SME Futures – Half of Indian companies lack on the critical parameter of data protection: survey

sme-logoAs companies make a beeline for accumulating data, a survey said 45 per cent of the organisations cannot analyse or categorise all the consumer data they store.

As data becomes a sought-after commodity, with some business leaders calling it as the new oil, a survey has found nearly half of Indian companies to be lacking on the critical parameter of data protection. Apart from that, companies also seem to be lacking on proper storage of sensitive data, the survey by digital security firm Gemalto has said.

“If businesses can’t analyse all of the data they collect, they can’t understand the value of it and that means they won’t know how to apply the appropriate security controls to that data,” Gemalto’s chief technology officer for data protection, Jason Hart, said.

To read the full article click here.

 

 

Technology Decisions – Businesses unable to handle all their data: Gemalto

technology-decisionsTwo in three companies are collecting more data than they are able to analyse, according to new research from Gemalto.

In addition, the study reveals that only half (54%) of companies know where all of their sensitive data is stored. Compounding this uncertainty, more than two-thirds of organisations (68%) admit they do not carry out all the procedures in line with data protection laws such as GDPR.

“If businesses can’t analyse all of the data they collect, they can’t understand the value of it — and that means they won’t know how to apply the appropriate security controls to that data,” said Jason Hart, Vice President and CTO for Data Protection at Gemalto.

“Whether it’s selling it on the dark web, manipulating it for financial gain or to damage reputations, unsecured data is a goldmine for hackers. You only need to look at the recent hacks on the World Anti-Doping Agency and International Luge Federation to see the damage that can be done. What’s more, data manipulation can take years to discover, and with data informing everything from business strategy to sales and product development, its value and integrity cannot be underestimated.

To read the full article click here.

HelpNet Security – Businesses collect more data than they can handle, only half know where sensitive data is stored

helpnetWith pressure to ensure consumer data is protected mounting, Gemalto today released the results of a global study which reveals that 65% are unable to analyze all the data they collect and only 54% of companies know where all of their sensitive data is stored.

Compounding this uncertainty, more than two thirds of organizations (68%) admit they don’t carry out all the procedures in line with data protection laws such as GDPR.

“If businesses can’t analyze all of the data they collect, they can’t understand the value of it – and that means they won’t know how to apply the appropriate security controls to that data,” says Jason Hart, VP and CTO for Data Protection at Gemalto. “Whether it’s selling it on the dark web, manipulating it for financial gain or to damage reputations, unsecured data is a goldmine for hackers. What’s more, data manipulation can take years to discover, and with data informing everything from business strategy to sales and product development, its value and integrity cannot be underestimated.”

To read the full article click here.

Computer Business Review – Gemalto Reveals Businesses Collect More Data Than They Handle

cbr-logoBritish companies could be falling behind in analysing their own data collection, according to Gemalto’s recent global study.

More than two in three companies (65 percent) are unable to analyse the data they collect according to a recent global study conducted by Gemalto. The study revealed only half (54 percent) of companies knew where they stored their sensitive data, the Dutch digital security company found. More than two-thirds of organisations (68 percent) admitted that they did not carry out all procedures in line with data protection laws such as GDPR.

Hart said: “With the UK falling behind European and global counterparts, British organisations could soon find themselves being outmanoeuvred by more agile competitors, offering better solutions and services thanks to their ability to protect and analyse data.”

To read the full article click here.

ComputerWorld Australia – Australian organisations struggling with compliance, security report says

computerworldA new report from Gemalto claims Australian organisations may be falling short when it comes to compliance with data security regulations.

The company today released its fifth annual Data Security Confidence Index. The report is based on a global survey of 1050 IT decision makers and 10,500 consumers — including 100 Australian IT decision makers and 1000 Australian consumers.

“If businesses can’t analyse all of the data they collect, they can’t understand the value of it – and that means they won’t know how to apply the appropriate security controls to that data,” Jason Hart, vice president and CTO for data protection at Gemalto, said in a statement. “Whether it’s selling it on the dark web, manipulating it for financial gain or to damage reputations, unsecured data is a goldmine for hackers.”

To read the full article click here.

Infosecurity Magazine – Businesses Are Collecting More Data Than They Need

infosecurityBusinesses have gotten into the habit of collecting lots of data, but the mounting data they’ve compiled surpasses its usefulness. Nearly half of all companies having no idea where their sensitive data is stored, according to a new survey from Gemalto.

The fifth annual Data Security Confidence Index surveyed 1,050 IT decision makers and 10,500 consumers worldwide, revealing that 46% of companies don’t know where all of their sensitive data is stored and a majority of companies are unable to analyze all the data they collect.

“If businesses can’t analyze all of the data they collect, they can’t understand the value of it – and that means they won’t know how to apply the appropriate security controls to that data,” says Jason Hart, vice president and CTO for data protection at Gemalto.

“Whether it’s selling it on the dark web, manipulating it for financial gain or to damage reputations, unsecured data is a goldmine for hackers. You only need to look at the recent hacks on the World Anti-Doping Agency and International Luge Federation to see the damage that can be done. What’s more, data manipulation can take years to discover, and with data informing everything from business strategy to sales and product development, its value and integrity cannot be underestimated.”

What challenges enterprise cyber security executives?

data-security-confidence-index-2017-infographic-image-300x179Here’s an understatement for you: this is an interesting time to be a cyber security or risk management executive at an enterprise.

In reality, this is the most challenging period ever for organizations when it comes to safeguarding data and systems. There is a rising number of data breaches—nearly 1.4 billion data records were lost or stolen in 2016, according to Gemalto’s Breach Level Index—and serious threats such as ransomware are making worldwide headlines on a regular basis.

On top of that, companies are having to deal with a growing number of data protection regulations. This includes the General Data Protection Regulation (GDPR), a set of rules created by the European Parliament, European Council and European Commission to strengthen data protection for individuals within the European Union (EU).

Despite these and other developing challenges swirling around the cyber security landscape, many organizations are relying on the same old security solutions they’ve had in place for years. For example, a majority of IT professionals still think perimeter security products are effective at keeping unauthorized users out of their networks, according to a new Gemalto report conducted by independent research firm Vanson Bourne.

The report, Gemalto’s fourth-annual Data Security Confidence Index, also shows that companies are under investing in technology that adequately protects their business.

To gather data for the study, Vanson Bourne surveyed 1,050 IT decision makers across the U.S., U.K., France, Germany, India, Japan, Australia, Brazil, Benelux the Middle East and South Africa on behalf of Gemalto. The sample was split between manufacturing, healthcare, financial services, government, telecommunications, retail, utilities, consultation and real estate, insurance and legal, IT and other sectors from organizations with 250 to more than 5,000 employees.

A huge majority of those surveyed (94%) think perimeter security tools are quite effective at keeping unauthorized users out of their networks. But at the same time, about two thirds (65%) are not extremely confident that their data would be protected should their perimeter be breached. This represents a slight decrease from the survey conducted last year (69%). And despite the broad lack of confidence, nearly six in 10 of the organizations report that they think all their sensitive data is secure.

This shows that at many organizations, perimeter security is the focus but a good understanding of technology and data security is still lacking. Many of these businesses are continuing to prioritize perimeter security without realizing it has been largely ineffective against sophisticated cyber attacks.

The latest Gemalto research findings show that 76% of the decision makers said their organization had increased investment in perimeter security technologies such as firewalls, intrusion detection and prevention systems (IDPS), antivirus software, content filtering tools and anomaly detection systems to protect against external attackers.

Despite this investment, however, two thirds of the survey respondents (68%) think unauthorized users could access their networks, rendering their perimeter security ineffective.

These findings suggest a lack of confidence in the solutions being used today, especially when you consider that more than one quarter of the organizations (28%) have suffered perimeter security breaches over the past 12 months.

The reality of the situation gets even worse when you take into account the fact that, on average, only 8% of the data breached was encrypted. That means the vast majority of the stolen data was completely exposed to attackers—an unacceptable situation for organizations that should be doing all they can to protect sensitive information.

Furthermore, according to the report more than half of the respondents said they do not know where their sensitive data is stored, and more than one third of businesses do not encrypt valuable information such as payment or customer data. In other words, if this data is stolen, a cyber criminal would have full access to the information and could use it for crimes such as identify theft, financial fraud or ransomware.

It is clear that there is a divide between organizations’ perceptions of the effectiveness of perimeter security and the reality. By believing that their data is already secure, businesses are failing to prioritize the measures necessary to protect their data.

Businesses need to be aware that hackers and other bad actors are going after companies’ most valuable assets: their data. It’s important that they focus on protecting these resource, otherwise reality will inevitably bite those that fail to do so.

Inadequate security not only exposes organizations’ data to attackers, it leaves enterprises open to the risk of non compliance with regulations such as GDPR. There seems to be a global trend toward reforming and enhancing data protection laws, and many companies are not sure how to approach these new requirements.

That’s especially true of data privacy, which has traditionally been an afterthought, rather than included in products “by design.” This necessitates a longer-term change in approach and mindset.

With GDPR, which becomes enforceable in May 2018, organizations need to understand how to comply by properly securing personal data to avoid the risk of administrative fines and reputational damage. However, more than half of the survey respondents said they do not think they will be fully compliant with GDPR by May next year.

With less than a year to go, companies need to begin introducing the correct security protocols in their efforts to reach GDPR compliance, including encryption, two-factor authentication and key management strategies.

Investing in cyber security solutions has clearly become more of a focus for businesses in the last 12 months. However, what is of concern is that so few are adequately securing the most vulnerable and crucial data they hold, or even understand where it is stored. This is standing in the way of GDPR compliance, and before long the businesses that don’t improve their cyber security will face severe legal, financial and reputational consequences.

That’s not all. Organizations that don’t bring their security infrastructure up to date might also face the wrath of their customers, employees, business partners and other stakeholders. Fortunately, they can take steps to bolster security before it’s too late.

Discover more and download the Data Security Confidence Report.

Also posted on the Gemalto Enterprise Security blog here.

eWEEK – Enterprises Overconfident About Perimeter Security, Gemalto Finds

logo_eweekThe 2017 Data Security Confidence Index Report reveals gaps between organizations’ perceptions of what keeps them secure and what actually works.

“One of the things that continues to show up every year, and I would have expected it to change, is the investment and perception of perimeter security versus the reality of its effectiveness,” Jason Hart, vice president and chief technology officer for data protection at Gemalto, told eWEEK. “As security professionals, I find it interesting we can know something doesn’t work but are willing to do it for the perceived security value.”

Hart added that sometimes a perceived sense of security is the motivation for unwarranted investments in perimeter security. He noted that Gemalto’s report found that only 8 percent of organizations encrypt data, which actually is a more effective security mechanism because it reduces the value of data if it’s stolen.

To read the full article click here.