A global survey of IT and cybersecurity decision makers highlights concerns over the security of data in motion across high-speed networks.
Continued adoption of cloud services, remote working, 5G and IoT applications means more data is in motion than ever before. The result is unprecedented demand for (and dependency upon) high-speed wide area networks.
IDC predicts that organizations will be transferring 57% of their data from the edge to the core by 2022, up from 36% a year ago, “meaning enterprises will need to manage a lot more data in motion.”
This exponential growth in data represents potentially rich pickings for hackers, cybercriminals and state-sponsored actors. Cyberattacks on network data are becoming increasingly persistent and sophisticated, threatening loss of IP, citizen privacy, data sovereignty and a wide range of sensitive or confidential data.
The research highlights how network data security needs to be a higher priority amongst cybersecurity professionals. Here are six key takeaways:
- Just 9% of enterprises believe they have a proactive cybersecurity strategy that effectively addresses the evolving threat landscape.
- 42% say they do not currently encrypt their data in motion.
- 46% are not confident that their network data security solutions position them well against cyberthreats.
- 70% rely upon network operations staff to regularly implement disruptive software patches to maintain systems.
- 69% rely upon firewalls or IPsec for encrypting network data in motion, rather than dedicated encryption devices.
- 61% say they have yet to develop a strategy for addressing the threat posed by quantum computers.
It’s not all bad news, as the respondents show a high level of awareness of the challenges they face. For example, 85% believe the separation of duties that is inherent in dedicated encryption devices is a core component in providing maximum data protection. A similar number (86%) understand the vital role encryption key management plays in their overall encryption security strategy.
The research also indicates a varied approach to key and encryption management within end-user organisations, with responsibility sitting across IT, security, networking and outsourced service providers. Whilst every organization is different, this suggests there is no global standard for best-practice encryption management. Without a universally accepted “right way” to do things, end-user organizations often leverage third party expertise, with one in twenty outsourcing encryption and key management entirely.
The report goes on to offer some practical advice as to how organizations can improve their encryption security stance, delivering maximum data protection without impacting on network performance. For details on how Senetas high-assurance encryptors help customers meet this challenge, visit our high-assurance solutions page.
Thales cybersecurity research report