2016 Vormetric Data Threat Report – Cloud, Big Data and IoT

2016 Vormetric Data Threat Report – Cloud, Big Data and IoT Edition

Sensitive Information in big data environments rises to 50 percent, IoT 33 percent.

Vormetric, a leader in enterprise data security for physical, big data, public, private and hybrid cloud environments, announced the results of its cloud, big data and Internet of Things (IoT) focused edition of the 2016 Vormetric Data Threat Report (DTR) issued in conjunction with analyst firm 451 Research.

Polling for the report features the responses of 1,100 senior IT security executives at large enterprises worldwide. This edition of the 4th annual report extends earlier findings in the global edition with a focus on the risks to data in emerging cloud, big data and IoT usage by enterprises. Find both reports here.

“Security is still an afterthought when it comes to adopting new technologies, often taking a back seat amidst the rush to stake a claim in a promising new market,” said Garrett Bekker, senior analyst, information security, at 451 Research and the author of the report. “We found that enterprises are storing sensitive data in just these types of environments – 85 percent in cloud, 50 percent in big data, and 33 percent in IoT. Many have strong concerns about the security of their data as a result.”

Storage of critical information within cloud and big data environments also continues to increase, adding to these concerns:

  • Cloud: 85 percent of respondents are using sensitive data in the cloud, up from 54 percent last year
  • Big Data: 50 percent are using sensitive data within big data implementations, up from 31 percent previously

Focus on the Cloud

Even as they move forward with adopting cloud services, and in some cases believe that cloud environments are more secure than their local IT infrastructure, enterprises remain concerned about the security of their information. When respondents were asked about the top data security concerns for cloud services:

  • 70 percent (75 percent U.S.) note security breaches / attacks at the service provider
  • 66 percent (73 percent U.S.) cite increased vulnerabilities from shared infrastructure
  • 66 percent (70 percent U.S.) call out lack of control over the location of data
  • 65 percent (71 percent U.S.) select lack of a data privacy policy or privacy service
    level agreement

In addition, for cloud service providers who want to grow their enterprise business, respondents cited four top changes that would increase their willingness to use cloud services:

  • 48 percent (49 percent U.S.) ask for encryption of data with enterprise key control on their premises
  • 36 percent (35 percent U.S.) desire detailed physical and IT security implementation information
  • 35 percent (34 percent U.S.) select encryption of their organisation’s data within the service provider’s infrastructure
  • 27 percent (global and U.S.) also want exposure of security monitoring data for their information.

The most notable change from last year’s results concerned where encryption keys should be managed or stored. In the 2015 report, management of keys by service providers, or locally by the enterprise were very close to equally rated. This year enterprises seem to have realised that control and management of encryption keys is the critical link in securing their data in the cloud. Only 35 percent cite management of encryption keys by the cloud provider as a way to increase their usage of cloud, down from 53 percent last year.

“At QTS, our data center, cloud, hosting and managed services offerings are designed to meet and exceed enterprise needs for compliance,

safety and security,” said Peter Weber, Chief Product Officer, QTS. “The results of the report highlight the needs of organisations to work

with partners like QTS to secure environments and help protect them from data breaches and meet compliance requirements while

providing the flexibility needed to grow business.”

Focus on Big Data

With 50 percent of all respondents planning to store sensitive information within big data environments (up from 31% last year), big data environments have become a much greater concern for enterprises as a possible point of compromise, and as a focus for compliance efforts. As these environments hold a growing share of an enterprise’s sensitive information, the challenges for organisations that need to secure their data grows. Essentially, the entire environment requires protection, as data migrates to wherever it is needed for analysis within big data implementations.

Results we found bear this out, with organisations seeing many potential points of concern. The top 5 concerns included:

  • Security of the reports produced, as they may include sensitive data (42 percent)
  • Sensitive information may reside anywhere within the environment (41 percent)
  • Privacy violations from data originating in multiple countries (40 percent)
  • Privileged user access to protected data in the implementation (37 percent)
  • Lack of security frameworks and controls within the environment (33 percent)

In addition, big data projects frequently rely on cloud-based service delivery, causing double jeopardy issues. For many organisations the threats found in cloud environments are then added to their concerns with big data.

Focus on IoT

“IoT promises to present a security hurdle of epic proportions,” emphasised Bekker. “Given the vast amounts of data that could theoretically be generated by IoT devices and platforms, much of it sensitive in nature, enterprises would be well served to develop corporate policies that clearly delineate what will be collected, who will have access, how the data is used, and how long it will be retained.”

Though only 33 percent of organisations expect to have sensitive data within IoT implementations, they have strong concerns about the safety of that information:

  • Protecting sensitive data generated by IoT (35 percent)
  • Privacy violations (30 percent)
  • Identifying which data is sensitive (29 percent)
  • Privileged user access to IoT data and devices (28 percent)
  • Attacks on IoT devices may impact critical operations (27 percent)

Fueling these concerns is also the intersection of IoT with big data, which has the potential to create a new class of risks. This class of risks centers on the potential for privacy violations when large, seemingly innocuous IoT data sets are combined, or are analysed in conjunction with other information.

“As cloud, big data and IoT adoption accelerates, these technologies continue to bring new sets of unique risks to organisations,” said Tina Stewart, VP of marketing for Vormetric. “These risks are driven by the nature of these emerging technology solutions, and the breakneck speed at which new offerings are being developed. With the recent emergence of offerings that have increased data security options built in, or available through partners, service providers and offerings are gradually making available the security controls that enterprises need to meet regulatory and compliance obligations as well as other data security requirements. But there is still much work to be done.”

The survey results and research reports are available from Vormetric and can be found here.

Source/Methodology

The data in this study is based on Web and phone interviews of 1,114 senior executives in Australia, Brazil, Germany, Japan, the UK and the U.S. Most have a major influence on or are the sole decision maker for IT at their respective companies.

Respondents represented the following industries: automotive; education; energy; engineering; federal government; healthcare; IT; retail; and telecommunications.

[su_button url=”http://www.vormetric.co.uk/” target=”blank” style=”flat” background=”#df2027″ color=”#ffffff” size=”10″ radius=”0″ icon=”icon: arrow-circle-right”]For more information on Vormetric click here[/su_button]

About Security Buyer

Security Buyer is the leading authority in global security content, delivering expert news, in-depth articles, exclusive interviews, and industry insights across print, digital, and event platforms. Published 10 times a year, the magazine is a trusted resource for professionals seeking updates and analysis on the latest developments in the security sector.

To submit an article, or for sponsorship opportunities, please contact our team below.

Rebecca Spayne picture 2025

Rebecca Spayne

Managing
EDITOR

Georgina Turner image

Georgina Turner

Sales
Manager

Afua Akoto image - Security Buyer

Afua Akoto

Marketing Manager

Read the Latest Issue

Follow us on X

Follow us on X

Click Here

Follow us on LinkedIn

Follow us on LinkedIn

Click Here

Advertise here

Reach decision makers and amplify your marketing

Advertise here

Click Here

Related News

OneLink

Product Spotlight – Gallagher’s OneLink

Gallagher Security presents, OneLink – the product that is elevating remote security through the power of the cloud 
Image provided by Rhombus

AI Search to Power Instant Security Footage

Rhombus announced the launch of Rhombus AI Search. The solution uses natural language processing to provide security teams with an intuitive

Cloud, AI, and Integration: Rhombus on What’s Next in Physical Security

Garrett Larsson, Co-Founder and CEO of Rhombus Systems, explores how cloud, AI, and…
Image Provided by Brivo

What can Security do to encourage more female representation?

Jamie Thompson, Vice President, Engineering at Brivo offers her comments on the progression of women in the security industry…
ASIS Europe

Genetec to separate AI hype from reality at ASIS Europe 2025

Genetec has announced its plans for ASIS Europe 2025, taking place in Dublin, Ireland from 4-6 March. Its focus will be on the future..
Copyright: Security Buyer

Facial Recognition: Innovation vs. Accountability

Facial recognition technology is advancing with AI, IoT, and privacy-first security, but regulatory compliance, ethical AI, accountability…
Rhombus

Rhombus Launches AI Capabilities for Faster, Smarter Security Investigations

Rhombus, a provider of cloud-managed physical security, today announced the launch of three new additions to its AI portfolio that transform
Rhombus

The Innovator – Rhombus

Rebecca Spayne of Security Buyer sits down with Brandon Salzberg, VP of Engineering, Rhombus to discover how the industry is…
Amthal

Amthal Becomes Certified Reseller for Eagle Eye Networks

Amthal Group Companies has announced its new partnership with Eagle Eye Networks, becoming a certified reseller of its innovative…
ICT

ICT & Milestone unified with new integrations

Integrated Control Technology (ICT) has released paired integrations between Protege GX, and Milestone’s XProtect platforms…
Scroll to Top