View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

UK “Most Breached” Country in Europe – Data at Rest Security

Thales warns budgets are being misspent

By Shrina Gohil

UK Cyber Security Spending Misplaced?

The UK is the most breached country in Europe, according to a survey of 400 senior security managers by cyber security company Thales released today – with 37 percent of respondents saying they were breached in 2017 – up from 22 percent on the previous year.

Rates of failure in the last year” or data security compliance audits also soared: more than one in three of respondents polled in European enterprises reported a failed compliance audit in the last year.

Chief Strategy Officer at Thales, Peter Galvin said, “A tidal wave of data breaches is continuing to roll across Europe, with three in every four organisations now a victim of cyber-crime. As a result, people are feeling more vulnerable than ever before, worried about where the next threat will come from, and in what form.”

Are companies looking in the right places when it comes to spending IT budgets?

Misguided Spending?

The report found that respondents clearly recognise the defences designed specifically for protecting data are the most effective tools for doing so.

Data-at-rest defences were rated as the most effective tools for protecting data, with 72 percent responding that they were either ‘very’ or ‘extremely’ effective. However, data-at-rest security tools are not getting a high priority in spending increases.

“In fact, the data-at-rest defences that are the most effective at protecting large data stores are the lowest priority for increases in IT security spending, at only 36 percent”, the report’s authors noted.

At the same time, increases in IT security spending are greatest for endpoint (51 percent) and network (44 percent) defences, even as these tools become are no longer wholly effective against attacks designed to compromise data.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

See also: Talos “Deeply Concerned” as Killer Malware Hits 54 Countries, 500k Routers

Network and Endpoint-Based Security Controls Inadequate

The combination of spear phishing with zero-day exploits available to criminal hackers makes it almost impossible to keep intruders away from critical data stores solely with network and endpoint-based security controls, Thales highlighted/

“As respondents recognise, the most effective solutions are security controls that provide an additional layer of protection directly around data sets. Data-at-rest and data-in-motion security tools can reduce attack surfaces, and provide the information needed to quickly find and stop attacks designed to mine critical data while in progress,” Thales noted.

“Cloud computing also makes network security tools less relevant as increasingly infrastructure is no longer implemented within the four walls of the enterprise. In fact, the vast majority of new projects are implemented using cloud resources”

Peter Galvin from Thales further explained: “To stand the best chance of success against these advanced attacks, businesses need to dedicate the appropriate level of attention, budget and resource into safeguarding their sensitive data, wherever it happens to be created, shared or stored.”

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.