- Globally, IT leaders ranked malware, ransomware and phishing as the leading source of increased security attacks
- Less than half of Indian businesses (47%) have a formal ransomware plan
- Data breaches remain high with 25% of respondents experiencing a data breach in the last 12 months in India
- Globally the vast majority (79%) of businesses remain concerned about the security risks of an increasingly remote workforce
- 51% of global IT leaders agreed that it is more complex to manage privacy and data protection regulations in a cloud environment.
New research from Thales has found that malware, ransomware and phishing continues to plague global organisations. In fact, one in four (26%) respondents in India have experienced a ransomware attack in the last year, higher than the global figure of 21%. Out of these, 30% of the Indian organizations have experienced significant impact on operations.
First seen in the late 1980’s, with the PC Cyborg Virus, the frequency and impact of ransomware attacks has now accelerated due to the rise of cryptocurrency as the preferred ransomware payment method. In fact, 2022 Thales Data Threat Report, conducted by 451 Research, part of S&P Global Market Intelligence, including more than 2,700 IT decision-makers worldwide, found a fifth (22%) of organisations have admitted that they have paid or would pay a ransom for their data. Despite this, 41% of respondents globally and 55% in India said they had no plans to change security spending, even with greater ransomware impacts.
Additionally, less than half of respondents (47%) in India have implemented a formal ransomware plan, which is close to the global figure of 48%.
Data Visibility is a Challenge
As more companies adopt multicloud strategies and hybrid work remains the norm, IT leaders continue to be challenged by the sprawl of data across their organizations and find it more difficult to locate all of their data. Globally just over half (56%) of IT leaders were very confident or had complete knowledge of where their data was being stored, down from 64% the previous year , and only a quarter (25%) stated they were able to classify all their data.
Threats & Compliance Challenges
Throughout 2021, security incidents remained high globally, with almost a third (29%) of businesses experiencing a breach in the past 12 months. Additionally, almost half (43%) of IT Leaders admitted to having failed a compliance audit.
Globally, IT leaders ranked malware (56%), ransomware (53%) and phishing (40%) as the leading source of security attacks. Managing these risks is an ongoing challenge, with almost half (45%) of IT leaders reporting an increase in the volume, severity and/or scope of cyberattacks in the past 12 months.
The Cloud is Increasing Complexity & Risk
Cloud adoption is increasing worldwide with more than a third (34%) of respondents saying they used more than 50 Software as a Service (SaaS) apps and 16% used more than 100 apps. However, 51% of IT leaders agreed that it is more complex to manage privacy and data protection regulations in a cloud environment than in on-premises networks within their organization, up from 46% last year.
The 2022 Data Threat Report also revealed significant momentum amongst businesses to store data in the cloud, with 32% of respondents stating that around half of their workloads and data resides in external clouds, and a quarter (23%) reporting more than 60%. However, 44% reported that they had experienced a breach or failed an audit in their cloud environments.
Additionally, the use of encryption to protect sensitive data is low, with only half of respondents (50%) disclosing that more than 40% of their sensitive data has been encrypted, and a fifth (22%) stating more than 60%. Representing a significant ongoing risk for businesses.
Remote Work Worries
Another full year of remote working demonstrated that navigating security risks is proving a significant challenge for businesses. Worryingly, the majority of businesses (79%) are still concerned about the security risks and threats that posed by remote working. Only half of IT leaders (55%) reported to have implemented multi factor authentication (MFA), a figure unchanged from the previous year .
Threats on the Horizon
However, the report also showed that IT leaders have significant diversity of spending technology priorities – suggesting they are serious about tackling complex threat environments. A quarter (26%) stated that broad cloud security toolsets are the greatest future spending priority. Additionally, a similar number of IT leaders (25%) stated they were prioritising key management, with Zero Trust an important strategy for 23%.
IT leaders are also increasingly aware of the future challenges on the horizon. Looking ahead, when asked to identify security threats from quantum computing, 52% said they were concerned with ‘tomorrow’s decryption of today’s data’, a concern that will likely be intensified by the increasing complexity of cloud environments.
Thales and 451 Research will discuss the findings in more detail during a webinar on 31 March 2022. To join, please visit the registration page.
About the 2022 Thales Global Data Threat Report
The 2022 Thales Global Data Threat Report was based on a global 451 Research survey, fielded in January 2022, commissioned by Thales of more than 2,700 executives with responsibility for or influence over IT and data security. Respondents were from 17 countries: Australia, Brazil, Canada, France, Germany, Hong Kong, India, Japan, Mexico, Netherlands, New Zealand, Singapore, South Korea, Sweden, the United Arab Emirates, the United Kingdom, and the United States. Organisations represented a range of industries, with a primary emphasis on healthcare, financial services, retail, technology, and federal government. Job titles ranged from C-level executives including CEO, CFO, Chief Data Officer, CISO, Chief Data Scientist, and Chief Risk Officer, to SVP/VP, IT Administrator, Security Analyst, Security Engineer, and Systems Administrator. Respondents represented a broad range of organizational sizes, with the majority ranging from 500 to 10,000 employees.
Thales (Euronext Paris: HO) is a global leader in advanced technologies, investing in digital and “deep tech” innovations – connectivity, big data, artificial intelligence, cybersecurity and quantum technologies – to build a confident future crucial for the development of our societies. The Group provides its customers – businesses, organizations and governments – in the defense, aeronautics, space, transport, and digital identity and security domains with solutions, services and products that help them fulfil their critical role, consideration for the individual being the driving force behind all decisions.
Thales has 81,000 employees in 68 countries. In 2021, the Group generated sales of €16.2 billion.
Present in India since 1953, Thales is headquartered in Noida and has other operational offices and sites spread across Delhi, Gurugram, Hyderabad, Bengaluru and Mumbai, among others. Over 1,800 employees are working with Thales and its joint ventures in India. Since the beginning, Thales has been playing an essential role in India’s growth story by sharing its technologies and expertise in Defence, Transport, Aerospace and Digital Identity and Security markets. Thales has two engineering competence centres in India - one in Delhi NCR focused on digital identity and security business, while the one in Bengaluru focuses on hardware, software and systems engineering capabilities for both the civil and defence sectors, serving global needs.