The 2022 Thales Data Threat Report has found that malware, ransomware and phishing continue to plague global organisations. One in five have experienced a ransomware attack in the last year; with 43 per cent of those facing a significant impact on operations
First seen in the late 1980s, with the PC Cyborg Virus, the frequency and impact of ransomware attacks has now accelerated due to the rise of cryptocurrency as the preferred ransomware payment method. Thales’ report which surveyed more than 2,700 IT decision-makers worldwide, found a fifth of organisations have admitted that they have paid or would pay a ransom for their data. Despite this, 41 per cent of respondents said they had no plans to change security spending, even with greater ransomware impacts.
Throughout 2021, security incidents remained high, with almost a third of businesses experiencing a breach in the past 12 months. Additionally, almost half of IT leaders admitted to having failed a compliance audit.
Globally, IT leaders ranked malware (56 per cent), ransomware (53 per cent) and phishing (40 per cent) as the leading source of security attacks. Managing these risks is an ongoing challenge, with almost half of IT leaders reporting an increase in the volume, severity and/or scope of cyberattacks in the past 12 months.
Another full year of remote working demonstrated that navigating security risks is proving a significant challenge for businesses. Most businesses (79 per cent) are still concerned about the security risks and threats that posed by remote working. Only half of IT leaders reported to have implemented multi factor authentication (MFA), a figure unchanged from the previous year.
Cloud is increasing complexity and risk
Cloud adoption is increasing with more than a third of respondents saying they used more than 50 SaaS apps and 16 per cent used more than 100 apps. However, 51 per cent of IT leaders agreed that it is more complex to manage privacy and data protection regulations in a cloud environment than in on-premises networks within their organisation, up from 46 per cent last year.
The 2022 Thales Data Threat Report also revealed significant momentum amongst businesses to store data in the cloud, with 32 per cent of respondents stating that around half of their workloads and data resides in external clouds, and a quarter (23 per cent) reporting more than 60 per cent. However, 44 per cent reported that they had experienced a breach or failed an audit in their cloud environments.
Threats on the horizon
However, the report also showed that IT leaders have significant diversity of spending technology priorities – suggesting they are serious about tackling complex threat environments. A quarter stated that broad cloud security toolsets are the greatest future spending priority. Additionally, a similar number of IT leaders stated they were prioritising key management, with zero trust an important strategy for 23 per cent.
Sebastien Cano, Senior Vice President for Cloud Protection and Licensing activities at Thales, said: “As the pandemic continues to affect both our business and personal lives, any expectation of a ‘return’ to pre-pandemic conditions have faded. Whilst teams around the world have continued to face challenges in securing their data, our findings indicate that urgent action is needed by businesses to develop more robust cybersecurity strategies. The attack surface, as well as the asset management challenges, are only set to increase in the coming year, and it is vital that businesses deploy a robust security strategy based on discovery, protection and control.”