Business are moving more IT operations into the cloud, and storing more types of data in more cloud environments. To secure your private, public and hybrid cloud deployments, you need to be aware of the constantly changing data threat landscape to ensure you have the right cloud data security services and cloud provider to protect your sensitive assets. Do you have the data security services you need?
Join Andy Kicklighter, Director of Marketing from Vormetric, and Larry Collins, Product Manager from HOSTING, as they share the latest trends in the data threat landscape for cloud, big data and Internet of Things (IoT). They will review the most recent data security insights collected from 1000+ IT professionals like you and provide recommendations to protect your business data in your cloud environment.
What You’ll Learn:
•Latest encryption and data security trends in cloud, big data and IoT
•Best practices for data security solutions for any cloud environment
•Cloud solutions to protect your business while meeting compliance requirements
2. • This webinar is being recorded and an on-demand
version will be available at the same URL at the
conclusion of the webinar
• Please submit questions via the button on the upper left
of the viewer
• If we don’t get to your question during the webinar,
we will follow up with you via email
• Download related resources via the “Attachments”
button above the viewing panel
• On Twitter? Join the conversation: @HOSTINGdotcom,
@Vormetric
2
Housekeeping
4. • Larry Collins
• Product Manager at HOSTING
• responsible for managing the HOSTING Security Services product line
• Andy Kicklighter
• Director of Product Marketing at Vormetric,
• Over 25 years of experience
• Previously responsible for bringing to market data center and cloud-based tools and services for
start up established companies
• @akicklighter – Twitter
• Enterprise software product management, product marketing
and marketing communications leader
• Expertise in IT Security, IT infrastructure, IT Services and cloud
4
Presenters
5. 2016 VORMETRIC
DATA THREAT REPORT
1114
IT DECISION MAKERS
US (505), UK (101), DE (100),
JP (102), AUS(100), MEX (103),
BRZ (103)
HealthcareRetail
Other
Enterprise
Financial
Services
Enterprises of:
$250M+ for US, UK, DE, JP
$100M+ for BRZ, MEX, AUS
Polling and Analysis
by 451 Research
100%
Government
6. ENTERPRISES FEEL VULNERABLE
AND HAVE GOOD REASONS FOR IT
91% 61%VULNERABLE TO
DATA THREATS
9%
61%
22%
8%
NOT
VULNERABLE
SOMEWHAT
VULNERABLE
VERY
VULNERABLE
EXTREMELY
VULNERABLE
HAD A DATA BREACH
RATES OF VULNERABILITY TO DATA THREATS
7. COMPLIANCE DOES NOT EQUAL
DATA BREACH PREVENTION
64%
46%
BELIEVE COMPLIANCE
IS EFFECTIVE AT
PREVENTING DATA BREACHES
Compliance does not
ensure security”
..being compliant does
not mean you won’t
be breached”
“
“
Garrett Bekker
Sr. Analyst Enterprise Security,
451 Research
(58% IN THE 2015 REPORT)
RANK COMPLIANCE AS A
TOP 3 IT SECURITY
SPENDING PRIORITY
Rates of ranking
as a Top 3
IT Security
Spending Priority 39% - BEST PRACTICES
32% - PARTNERS/CUSTOMERS
46% - COMPLIANCE
46% - REPUTATION AND BRAND PROTECTION
36% - DATA BREACH AVOIDANCE
8. PUTTING FAITH IN
THE WRONG DEFENSES
INCREASES IN IT SECURITY
SPENDING PLANS BY CATEGORY
44% - ANALYSIS & CORRELATION TOOLS
48% - NETWORK DEFENSES
40% - DATA IN MOTION DEFENSES
39% - DATA AT REST DEFENSES
… perimeter defenses
offer little help
defending against
multi-stage attacks”
“It’s no longer enough just
to secure networks and
endpoints”
“
Garrett Bekker
Sr. Analyst Enterprise Security, 451 Research
… data-at-rest
approaches have proven
to be effective at
protecting the data itself”
“
INCREASES IN SPENDING ON
DATA AT REST DEFENSES FELL
47%
2014
39%
2015
44% - END POINT AND MOBILE
9. SOME ORGANIZATIONS
ARE GETTING IT RIGHT
58%
INCREASING
SPENDING ON
IT SECURITY
TO PROTECT
SENSITIVE DATA
NOW MAKE
PREVENTING DATA
BREACHES A TOP
SPENDING PRIORITY
36%
IMPLEMENTING EFFECTIVE DATA SECURITY TOOLS
39% - MULTI-FACTOR AUTHENTICATION
38% - SIEM SYSTEMS
40% - APPLICATION LAYER ENCRYPTION
39% - TOKENIZATION
38% - CLOUD SECURITY GATEWAY
10. 39%
58%
45%
35%
EXECUTIVE MANAGEMENT
CONTRACTOR ACCOUNTS
INTERNAL AND EXTERNAL
DATA THREATS
THE MOST DANGEROUS INSIDERS (TOP 3 SELECTION)
TOP EXTERNAL THREATS
15% 12%39% 19% 15%
CYBER CRIMINALS
HACKTIVISTS
CYBER-
TERRORISTS
NATION
STATES
COMPETITORS
PRIVILEGED USERS
SERVICE PROVIDER ACCOUNTS
11. 70%
DRAMATIC INCREASE IN RATES
OF SENSITIVE DATA USE IN THE CLOUD
USE OF SENSITIVE DATA IN
CLOUD ENVIRONMENTS
54%
2015
85%
2016
CONCERNS - HIGH
VERY OR EXTREMELY
CONCERNED ABOUT
SENSITIVE DATA IN
THE CLOUD
DATA SECURITY USAGE - LOW
24%USING ENCRYPTION TO
SAFEGUARD CLOUD
DATA TODAY
12. TOP CONCERNS FOR DATA
WITH ADOPTING CLOUD SERVICES
70% – GLOBAL SECURITY BREACHES /
ATTACKS AT CSP75% – U.S.
66% – GLOBAL
73% – U.S.
SHARED INFRASTRUCTURE
VULNERABILITIES
66% – GLOBAL LACK OF DATA
LOCATION CONTROL70% – U.S.
65% – GLOBAL LACK OF DATA
PRIVACY POLICY / SLA71% – U.S.
64% – GLOBAL CLOUD PRIVILEGED
USER ABUSE/THREATS70% – U.S.
62% – GLOBAL MEETING COMPLIANCE
REQUIREMENTS69% – U.S.
13. 66% ONLINE BACKUP
67% ONLINE STORAGE
GLOBAL RATES OF VERY OR EXTREMELY CONCERNED
53% COLLABORATION TOOLS
61% CRM / SOCIAL CRM
57% ERP
66% ONLINE ACCOUNTING
51% ONLINE OFFICE SUITES
56% PROJECT / TASK MANAGEMENT
DATA PROTECTION CONCERNS
ARE HIGH FOR SAAS APPLICATIONS
14. WHAT CAN CSP’s DO TO INCREASE
ENTERPRISE CLOUD ADOPTION?
35%
DATA ENCRYPTION
IN THE CLOUD
CSP KEY CONTROL
27%
EXPOSURE OF
SECURITY
MONITORING
DATA
36%
DETAILED
PHYSICAL AND IT
SECURITY
IMPLEMENTATION
INFORMATION
48%
DATA ENCRYPTION
IN THE CLOUD
ENTERPRISE
PREMISE KEY
CONTROL
TOP CHANGE FROM LAST YEAR
53%
DATA ENCRYPTION IN THE
CLOUD WITH CSP KEY CONTROL 35%
2015 2016
15. RATES OF SENSITIVE DATA USE
BY EMERGING TECHNOLOGY TYPE
WHILE CLOUD HAS THE
HIGHEST OVERALL
ADOPTION, BIG DATA AND
IoT ARE ALSO EMERGING
QUICKLY AS LOCATIONS
WHERE SENSITIVE DATA
IS PRESENT
47% - PaaS
33% - IoT
53% - SaaS
50% - BIG DATA
47% - IaaS
85%
TOTAL FOR CLOUD
(ALL TYPES)
16. SENSITIVE DATA USE INCREASES
IN BIG DATA ENVIRONMENTS
SENSITIVE DATA MAY
RESIDE ANYWHERE
PRIVACY VIOLATIONS - DATA
ORIGINATES IN MANY COUNTRIES
41%
42%
40%
37%
33%
SECURITY OF REPORTS THAT
MAY INCLUDE SENSITIVE DATA
LACK OF SECURITY
FRAMEWORKS AND CONTROLS
PRIVILEGED USER ACCESS TO
PROTECTED DATA
USE OF SENSITIVE
DATA IN BIG DATA
31%
2015
50%
2016
TOP 5 CONCERNS
17. DOUBLE
JEOPARDY
BIG DATA IS OFTEN
IMPLEMENTED IN
THE CLOUD
TOP 3 SELECTIONS
FOR LOSS OF
VOLUMES OF
SENSITIVE DATA
BIG DATA - U.S. - MORE TO LOSE
WITH HIGHEST SENSITIVE DATA USE
30% 27% 21%24% 22% 12%18%
U.S. U.K. MEXICOBRAZIL GERMANYAUS JAPAN
18. IoT THREAT AWARENESS LOW
COMPARED TO CLOUD AND BIG DATA
MANY ORGANIZATIONS
HAVE STRONG CONCERNS
FOR THE SAFETY OF
THEIR DATA
29% - IDENTIFYING WHICH DATA IS SENSITIVE
27% - IMPACT OF ATTACKS ON IoT DEVICES
35% - PROTECTING SENSITIVE DATA GENERATED BY IOT
30% - PRIVACY VIOLATIONS
28% - PRIVILEGED USER ACCESS TO DATA AND DEVICES
33%
ORGANIZATIONS THAT EXPECT
SENSITIVE DATA USE IN IoT
19. WHAT SHOULD
ORGANIZATIONS BE DOING
Get a better handle on where organization is
using sensitive data – Both internal and external locationsDiscover and classify
Use platform solutions that deliver a broad range of data
security solutions on a single platform to reduce costs
Data security
platforms
Security analytics
Use data access monitoring combined with other threat
indicators to identify threat activity patterns
Encryption and
access control
Use encryption for more than just compliance.
Data Center: Consider an Encrypt Everything policy
Cloud: Encrypt and manage your keys appropriately
Big Data: Make sure encryption includes access control
IoT: Encrypt on devices, in transit and on the back end
20. Vormetric Data Security
#DefenderOfData
Vision
To Secure the World’s Information
Purpose
Protect business assets and brand
Customers
1500+ Customers Across 21 Countries
17 of Fortune 30
30+ Cloud and Hosting Providers
Global Presence
Global Headquarters - San Jose, CA, USA
EMEA Headquarters - Reading, United Kingdom
APAC Headquarters - Singapore
Data-at-Rest Protection Products
Transparent Encryption, Application-layer Encryption
Tokenization with Dynamic Data Masking
Cloud Encryption Gateway
Protection for Teradata Database
Key Management
23. Implement with Confidence
“In our view, it is a sound practice – irrespective of the HIPAA mandates – to find a
best-in-class security solution. With data encryption, I believe it’s essential to be
prepared ahead of time, instead of trying to react after there’s been a data breach.”
i i
Carl Mudra, CIO,
Delta Dental of Missouri
2016 Vormetric Data Threat Report:
Cloud Edition
Vormetric.com -> Resources -> White Papers
24. 24
Q&A
Larry Collins | Product Manager, HOSTING
Andy Kicklighter | Director Solution Marketing, Vormetric
For more information about Data Encryption Solutions by HOSTING, please
contact our team at 888.894.4678.