Thales Data Threat Report Highlights Rise of Ransomware

With businesses today facing threats from malware to human error, the escalating nature of data security threats has become starkly evident. Among these threats, ransomware attacks continue to cause the most concern for IT professionals.

According to Thales’ 2024 Data Threat Report, security threats are intensifying in volume or severity – an opinion held by 93% of respondents. 

The annual report, based on a survey of nearly 3,000 IT and security professionals across 37 industries in 18 countries, reveals a significant surge from just 47% who held that view the previous year, underscoring the rapidly evolving landscape when it comes to cyber risks. 

Cyber threats continue to increase in volume and severity

Thales’ report paints an alarming picture of the ransomware threat, with over 27% more enterprises falling victim to such attacks in the past year alone. Disturbingly, less than half of organizations surveyed have a formal ransomware response plan in place, while a startling 8% admitted to paying the ransom demands.

Malware has also emerged as the fastest-growing menace of 2024, impacting 41% of enterprises over the previous 12 months, closely trailed by phishing and ransomware incidents. Cloud assets – encompassing SaaS applications, cloud storage and cloud infrastructure management platforms – remain prime targets for such attacks.

The report also shows that – for a second year running – human error remains the leading cause of data breaches, with 31% of enterprises pinpointing this as the root cause.  

Compliance is the key to data security

The research found that over two-fifths (43%) of enterprises failed a compliance audit in the past twelve months – with the report highlighting a very clear correlation between compliance and data security.

Of those who had failed a compliance audit in the past 12 months, 31% had experienced a breach that very same year. This compares to just 3% of those who had passed compliance audits.

Fundamental understanding of what systems, applications, and data are at risk also continues to lag due to changing regulatory and threat landscapes. Only a third (33%) of organisations said they could fully classify all of their data, with a worrying 16% stating that they classify very little or none of their data.

The reality of multicloud across services and changing global data privacy regulations means that data sovereignty is a leading priority for businesses, with 28% identifying mandatory external key management as the leading way to achieve sovereignty. 39% said that data residency would no longer be an issue provided that external encryption, key management, and separation of duties were implemented.

“Enterprises need to know exactly what they’re trying to protect. With global data privacy regulations continually changing, they need to have good visibility across their organization to stand any chance of staying compliant,” comments Sebastien Cano, Senior Vice President at Thales Cloud Protection and Licensing.

“If there’s one key takeaway from this year’s study, it’s that compliance is key. In fact, companies that had a good hold over their compliance processes and passed all their audits were also less likely to suffer a breach. We’ll start to see more compliance and security functions coming together. This would be a huge positive step to strengthen cyber defences and build trust with customers.”

******

Make sure you check out the latest edition of Technology Magazine and also sign up to our global conference series - Tech & AI LIVE 2024

******

Technology Magazine is a BizClik brand