The Data Security Money Pit: An Independent Research Study from Forrester

save
Share and earn Cybytes
Facebook Twitter LinkedIn Email

We recently released a study with Forrester Consulting entitled “The Data Security Money Pit: Expense in Depth Hinders Maturity” that shows a candy-store approach to data security may actually hinder data protection and explores how a unified data security platform could give security professionals the protection capabilities they desire, including security analytics, classification and access control while reducing costs and technical challenges.

The report finds organizations invest heavily in individual tools to try to mitigate threats and meet compliance requirements. In fact, 76% of data security professionals believe their organization has a mature data security strategy as a result of these efforts.  Forrester writes:

The reality is that companies have spent a lot of money on individual technology — instead of a unified data security strategy — and are judging their maturity based on money spent.

This fragmented approach to data security exacerbates many vulnerabilities and challenges, and 96% of these respondents believe a unified approach would readily prevent and help them more quickly respond to attempted attacks and actual data breaches, meet regulatory compliance and free up resources to focus on building and enforcing policies, procedures and remediation actions. The study goes on to highlight specific areas where enterprise data security falls short:

  • 62% of respondents don’t know where their most sensitive unstructured data resides
  • 66% don’t classify this data properly
  • 59% don’t enforce a least privilege model for access to this data
  • 63% don’t audit use of this data and alert on abuses
  • 93% suffer persistent technical challenges with their current data security approach

Point products may mitigate specific threats, but when used tactically, they undermine more comprehensive data security efforts. Ransomware, for example, exploits the same internal deficiencies that a rogue or compromised insider might – insufficient detective controls and over-subscribed access. Instead of improving detective controls and locking down access – improvements that would mitigate ransomware as well as many other data security threats – organizations sometimes deploy a tactical solution for ransomware and neglect their core controls. This threat-reactive approach appears to have become the norm – many threats; many tools. Expense in depth.

According to the study, “It’s time to put a stop to expense in depth and wrestling with cobbling together core capabilities via disparate solutions.” Almost 90% of respondents desire a unified data security platform. Key criteria to include in such a platform as selected by the survey respondents include:

  • data classification, analytics and reporting (68% of respondents)
  • meeting regulatory compliance (76% of respondents)
  • aggregating key management capabilities (70% of respondents)
  • improving response to anomalous activity (66% of respondents)

In summarizing the findings, Forrester concludes,

A unified data security platform offers core capabilities to help organizations not just establish a robust technology foundation for their data security strategy but also create conditions that help to push firms toward greater security maturity and value-add to the business.

Read highlights from the Forrester report here – including 4 key recommendations for a unified security platform.

 

The post The Data Security Money Pit: An Independent Research Study from Forrester appeared first on Varonis Blog.

Share this post and earn Cybytes
Facebook Twitter LinkedIn Email
Follow
2693 Followers
About Varonis
Varonis is a pioneer in data security and analytics, fighting a different battle than conventional cybersecurity companies. Varonis focuses on protecting enterprise data on premises and in the cloud: sensitive files and emails; confidential customer, patient and employee data; financial records; strategic and product plans; and other intellectual property. The Varonis Data Security Platform detects insider threats and cyberattacks by analyzing data, account activity and user behavior; prevents and limits disaster by locking down sensitive and stale data; and efficiently sustains a secure state with automation. With a focus on data security, Varonis serves a variety of use cases including governance, compliance, classification, and threat analytics. Varonis started operations in 2005 and, as of December 31, 2017, had approximately 6,250 customers worldwide — comprised of industry leaders in many sectors including technology, consumer, retail, financial services, healthcare, manufacturing, energy, media, and education.
Promoted Content
Varonis Earn & Learn Email Series
Is your CISSP up to date? We’re here to help! Earn Continual Professional Education (CPE) credits with our free CPE track. We’ll send you CPE-credit worthy content each month: earn 2 CPE credits per month, learn from top industry experts, and get real world security content to take your skills to the next level. Enrollment is free – and so is all our great CPE content! This program includes: - On demand webinars that fit your busy schedule - Podcasts from top influencers in security and privacy - Video tutorials with relevant, real world security content to take your skills next level and more!

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel