Do Security Pros Need a Single Unifying Platform?
-
Do Security Pros Need a Single Unifying Platform?
Despite companies making heavy investments in data security tools, security pros face challenges protecting data, and they want a unified data security platform. -
Budgets Don't Guarantee Data Protection
93% of organizations face technical challenges in protecting data, even when they've invested in security tools. They struggle to keep up with evolving cyber-threats, encrypt data, deal with disparate products that don't communicate, and control data access. -
Budgets Don't Guarantee a Mature Strategy
76% of the data security professionals surveyed believe their organization has a mature or very mature data security strategy, but they base that opinion on the amount of money spent on security. -
Data Privacy Is Still a Top Concern
Almost 80% of data security decision-makers are concerned or very concerned about the privacy of customer and employee data. -
Organizational Challenges
90% of respondents said organizational challenges impede them from securing data effectively. At the top of the list are the inability to keep up with regulations and insufficient budgets. -
Failure to Encrypt and Audit Data
Most companies struggle to encrypt data, audit it for abuse, enforce a strict least-privilege model, classify it and understand where it's located. -
Classifying Sensitive Data
40% of the data security professionals surveyed classify their firm's customer data based on its sensitivity, and 41% do the same for employee data. -
Few Audit Customer Data Use
Only 36% of the respondents audit all use of customer data and analyze it for abuse. 40% enforce a strict least-privilege model for employee data. -
Locating Corporate Data in the Cloud
Only 34% of the data security professionals know where their corporate data in the cloud is located. -
Lack of Protection for Third-Party Data
Just 28% of the organizations in the survey encrypt, tokenize or mask third-party data, and only 27% do so for unstructured data. -
A Push for Unifying Disparate Data Security
90% of the respondents are interested or very interested in unifying data security products into one platform. -
Recommendations
The study provides four key recommendations: Expand what you mean by sensitive data. Know where sensitive data is, how it's classified, whether you control access, and whether it is encrypted, tokenized or masked. Identify gaps and create plans for data security capabilities. Rethink how to justify and measure the value of your investment in data security.
A new study finds that cyber-security professionals want to protect their data with a single unifying platform, rather using piecemeal tools. Despite making heavy investments in security tools, organizations suffer technical challenges in protecting their data. A majority of decision-makers expect to improve their ability to respond to breaches, lower the cost of legacy solutions, reduce exposure from breaches, and lower complexity with new integrated solutions, according to the study, "The Data Security Money Pit: Expense In Depth Hinders Maturity." Many products are designed to mitigate specific threats, but if they are used tactically rather than to support a strategy to improve data security overall, they can be costly and provide a false sense of security, said David Gibson, vice president of strategy market development at Varonis. "Ransomware, for example," he added, "exploits the same internal deficiencies that a rogue or compromised insider might—insufficient detective capabilities and over-subscribed access." Varonis, which makes software solutions that protect data from insider threats, commissioned Forrester Consulting to conduct this research, which surveyed 150 data security decision-makers. Following are highlights of the study.