Today, data-rich organizations are increasingly under attack by cybercriminals looking to exploit security vulnerabilities. Mitigating risk in this challenging operating environment requires quantum-secure data protection.
Today, data-rich organizations are increasingly under attack by cybercriminals looking to exploit security vulnerabilities. Mitigating risk in this challenging operating environment requires organizations to look beyond traditional security architectures. Increasing cyber threats, an expanding cyberattack surface, evolving data privacy regulations, and governance mandates demand that enterprises move to quantum-secure data protection solutions now.
Increasing cyber threats
Ransomware and other cyberattacks are increasing in frequency and severity. Recent headlines highlight the critical need for enterprises to strengthen their defensive posture to close security gaps and protect sensitive business data and intellectual property.
The COVID-19 pandemic underscored that no organization is immune from cyberattacks. The pandemic escalated cyberattacks to a relentless pace, impacting businesses in every sector across the globe. According to the 2020 State of Security Operations study by Forrester Consulting, 79% of enterprises experienced a cyber breach in the past year. The FBI’s Internet Crime Complaint Center 2020 Internet Crime Report also paints an alarming picture of the scope and impact of these cyberattacks. The Internet Crime Complaint Center received 791,790 cybercrime complaints in 2020 – an increase of more than 300,000 complaints from 2019 – with reported losses exceeding $4.2 billion.
Enterprise cyber risks continue to loom post-COVID. The Identity Theft Resource Center (ITRC) projects that data breaches will reach an all-time high by the end of 2021. The ITRC’s latest U.S. data breach analysis found that publicly reported U.S. data breaches were up 38% in the second quarter of 2021 compared to the first quarter.
ITRC data also shows that phishing and ransomware attacks remain the top two root causes for data compromises. According to the ITRC, “the surge in phishing, ransomware and supply chain attacks is driving the pace of data compromises and the main reason 2021 could see a new record for total data breaches, data exposures, and data leaks.”
Eva Velasquez, president and CEO of the ITRC, noted earlier this year that “cybercriminals are simply shifting their tactics to find a new way to attack businesses and consumers. It is vitally important that we adapt our practices and shift resources to stay one step ahead of the threat actors…”
Cyber threats continue to be a top threat for many organizations. According to the Allianz Risk Barometer (an annual survey of more than 2,700 risk experts from 100 countries aimed at identifying the top threats for companies for the next 12 months and beyond), cyber risk, which seven years ago ranked as low as 15th in the Barometer, now ranks either near or at the top of seemingly every risk poll conducted.
As exposure to cyber risks continues to increase, organizations will need to develop a security-first, proactive approach to closing cyber security gaps. Advanced quantum-secure data and anti-ransomware solutions are key to helping organizations lock down data, protecting data at rest, in use, or in transit. Quantum secure data privacy solutions keep data secure and available to authorized users regardless of whether a network is breached, surveilled, or data is exfiltrated by malware or ransomware.
Expanding attack surface: A time for quantum-secure data protection
Covid-19 has changed the digital footprint of many organizations. Hybrid and remote working has expanded attack surfaces, posing threats to enterprise data security and privacy.
These working models, along with the associated widening cyber threat landscape, are here to stay. In fact, one in three companies anticipates having half or more of their workforce remote post COVID, according to the professional services firm Mercer. A survey by Upwork shows that remote work will continue to grow, revealing that the expected growth rate of full-time remote work over the next five years has doubled, from 30% to 65%.
The massive shift in working norms led Gartner to name remote work one of the Top Security and Risk Trends for 2021, noting that “from a security perspective, this requires a total reboot of policies and tools and approved machines to better mitigate the risks.”
The Internet of Things (IoT) is another component of the digital enterprise creating security gaps in organizations and presenting cybersecurity risks. The rapidly increasing number of IoT endpoints provides cybercriminals with opportunities to breach corporate networks and steal data. The number of Internet of Things (IoT) devices is doubling every five years, and Gartner expects that more than 15 billion IoT devices will connect to enterprise infrastructure by 2029.
IoT endpoints present a potential costly clear and present danger for organizations. Research has shown the significant financial exposure of leaky IoT security for companies, with the cost of IoT breaches representing tens of millions of dollars for large firms. Nearly half of firms with annual revenues above $2 billion estimated the potential cost of one IoT breach at more than $20 million.
New working paradigms and a growing number of IoT endpoints are driving a critical need for enterprises to deploy quantum secure data privacy solutions that transform data properties into quantum-secure fragments to eliminate threats associated with an ever-widening attack surface.
Data privacy and governance regulations
Data privacy is a growing concern as organizations collect and share more and more data. According to IDC, these concerns will continue to escalate considering that the amount of data created over the next three years will be more than the data created over the past 30 years. As stewards of much of this data, enterprises are facing increasing mandates to protect data privacy.
Data protection and privacy laws continue to evolve. Currently, 66% of countries have legislation in place that addresses data security and privacy. In the U.S., 17 states are considering data privacy bills. Three states in the nation have already enacted comprehensive data privacy legislation – California was the first state to pass a data privacy law with the California Consumer Protection Act (CCPA), followed by Virginia, which enacted the Consumer Data Protection Act (CDPA) earlier this year and Colorado which most recently passed the Colorado Privacy Act (CPA).
The developing alphabet soup of privacy and data governance laws is challenging enterprises to keep pace with compliance mandates. Research from CompTIA found that privacy concerns are one of the main issues driving cybersecurity in organizations. The report highlighted that “privacy concerns are likely to be a focal point of regulatory activity in the future, an area which many companies may be underestimating.”
Data privacy is high stakes for enterprises. Failure to protect data can result in business disruption, lost productivity, lawsuits, data loss, fines, and damage to brand reputation. A study by Globalscape reports the cost of non-compliance is 2.71 times higher than the cost of compliance.
Enterprises can mitigate compliance risks with quantum-secure data protection technology. The technology uses encryption, data shredding, advanced key management, true random number generation, and file reconstitution to significantly reduce risk from both a governance and regulatory compliance perspective.
Enterprises need quantum-secure data protection platforms now to protect data today and to be prepared for the threats of tomorrow in addressing an ever-expanding attack surface and evolving data privacy and governance regulations.