New Research Reveals Wide Gap between Perception and Reality of Perimeter Security Effectiveness
• While 87% of IT decision-makers feel their organization’s perimeter security is effective at keeping out security threats, 30% of IT decision-makers admit their company has fallen victim to a data breach
• 33% think unauthorized users are still able to access their networks and 34% are not confident in the security of their organization’s data should a breach occur
• 90% of organizations that experienced data breaches suffered negative commercial consequences as a result
AMSTERDAM – April 15, 2015 ─ Gemalto (Euronext NL0000400653 GTO), the world leader in digital security, has today released the latest findings of the 2015 Data Security Confidence Index (DSCI). The report reveals a widening gap emerging between the perception and the reality of perimeter security effectiveness amongst global IT decision makers. The research shows increasing levels of investment in this area of data protection, despite an exponential growth in the number of data breaches.
Investments in Breach Prevention Rise Despite Increased Breaches of Perimeter Security
The number of global data breaches continues to increase – according to Gemalto’s Breach Level Index (BLI), more than 1,500 data breaches led to one billion data records compromised in 2014 alone, a 49% increase in data breaches and a 78% increase in data records stolen or lost compared to 2013. Despite this the DSCI research shows that almost nine out of ten (87%) IT decision makers feel their organization’s perimeter security systems are effective at keeping out unauthorized users. The study shows that IT decision makers are looking to further increase their investment in perimeter security with 64% looking to do so in the next 12 months. Interestingly, when thinking of the most recent breaches, the average amount of breached data protected by encryption was below 8%, highlighting the need for a more robust data protection strategy.
Low Confidence in Ability to Prevent Breaches and Unauthorized User Access
Nevertheless, a third (33%) believe unauthorized users are still able to access their networks and a further 34% are not confident in the security of their organization’s data, should a breach occur. In fact, the DSCI survey reveals that as a result of recent high profile breaches, 71% of organizations have adjusted their security strategy, but are still focused on perimeter security. Adding to the confusion, nearly three quarters of IT decision makers (72%) stated that their investment in perimeter security has increased over the past five years, though 30% admitted that in the past 12 months their company has been victim to a breach, showing the need to approach security differently. Although high-profile data breaches have driven over seven in 10 (71%) organizations to adjust their security strategy, more than three in five (62%) respondents are no more confident than they were this time last year in the security industry’s ability to detect and defend against emerging security threats.
“With the number of sophisticated breaches on the rise, relying on perimeter security systems alone is no longer enough. Traditional security staples such as firewalls and anti-virus should be part of a much greater security strategy. IT decision makers need to take into account that if someone is motivated enough they will breach a network, no matter how well it is protected,” said Tsion Gonen, Vice President of Strategy for Identity and Data Protection at Gemalto.
Commercial Impacts of Data Breaches
As a result of these attacks, nine out of 10 organizations (90%) suffered negative commercial consequences, including delays in product or service development (31%), decreased employee productivity (30%), decreased customer confidence (28%), and negative press (24%). This highlights the severe consequences of data breaches, which can be damaging both to an organization’s reputation and bottom line, as well as to customers’ confidence in entire industry sectors.
“Organizations still place too much emphasis on perimeter security, even though it has proven to be ineffective“, added Gonen. “Decision makers should place greater importance on customer data, and look to adopt a ‘secure the breach’ approach that focuses on securing the data after intruders penetrate the perimeter defenses. This means they need to attach security directly to the data itself using multi-factor authentication and data encryption, as well as securely managing encryption keys. That way, if the data is stolen, it is useless to the thief.”
For a full summary of data breach incidents by industry, source, type and geographic region, download the
2014 Breach Level Index Report.
- Data Security Confidence Index Report
- Data Security Confidence Infographic
- Breach Level Index
- Secure the Breach Manifesto
- Secure the Breach Web Site
Through its acquisition of SafeNet, Gemalto offers one of the most complete portfolios of enterprise security solutions in the world, enabling its customers to enjoy industry-leading protection of digital identities, transactions, payments and data – from the edge to the core. Gemalto’s complete portfolio of SafeNet Identity and Data Protection solutions enable enterprises across many verticals, including major financial institutions and governments, to take a data-centric approach to security by utilizing innovative encryption methods, best-in-class crypto management techniques, and strong authentication and identity management solutions to protect what matters, where it matters. Through these solutions, Gemalto helps organizations achieve compliance with stringent data privacy regulations and ensure that sensitive corporate assets, customer information, and digital transactions are safe from exposure and manipulation in order to protect customer trust in an increasingly digital world.
About the Data Security Confidence Index
The research conducted by Vanson Bourne on behalf of Gemalto polled more than 900 individuals across the U.S., UK, Europe, Middle East and Asia-Pacific. Respondents were comprised of security and IT executives across various verticals, including financial services, healthcare, manufacturing, the public sector, telecommunications, utilities, retail, construction, insurance, legal and more. The full report can be found here.
Gemalto (Euronext NL0000400653 GTO) is the world leader in digital security with 2014 annual revenues of €2.5 billion and blue-chip customers in over 180 countries.
Gemalto helps people trust one another in an increasingly connected digital world. Billions of people want better lifestyles, smarter living environments, and the freedom to communicate, shop, travel, bank, entertain and work – anytime, everywhere – in ways that are enjoyable and safe. In this fast moving mobile and digital environment, we enable companies and administrations to offer a wide range of trusted and convenient services by securing financial transactions, mobile services, public and private clouds, eHealthcare systems, access to eGovernment services, the Internet and internet-of-things and transport ticketing systems.
Gemalto’s unique technology portfolio – from advanced cryptographic software embedded in a variety of familiar objects, to highly robust and scalable back-office platforms for authentication, encryption and digital credential management – is delivered by our world-class service teams. Our 14,000 employees operate out of 99 offices, 34 personalization and data centers, and 24 research and software development centers located in 46 countries.
For more information visit www.gemalto.com, www.justaskgemalto.com, blog.gemalto.com, or follow @gemalto on Twitter.
Gemalto media contacts:
+1 512 758 8921
+55 11 5105 9220
Europe & CIS
+49 89 210 299 129
Middle East & Africa
+33 1 55 01 57 89
大中华地区 (Greater China)
+65 6317 3802
Find Gemalto’s Media Contacts in your region.