STOCK TITAN

2023 Thales Data Threat Report Reveals Increase in Ransomware Attacks and Human Error as Main Cause of Cloud Data Breaches

Rhea-AI Impact
(Low)
Rhea-AI Sentiment
(Negative)
Tags
Rhea-AI Summary

Thales has released its 2023 Data Threat Report, revealing crucial insights on cybersecurity threats faced by organizations. The report highlights that 48% of IT professionals reported an increase in ransomware attacks, with 22% of organizations affected in the past year. Alarmingly, 51% lack a formal ransomware response plan. Misconfiguration and human error were cited as the primary cause of data breaches by 55% of respondents. Additionally, organizations are increasingly concerned about digital sovereignty and the challenges posed by quantum computing. Despite a slight decrease in the severity of ransomware impacts, budget allocations for prevention tools have risen to 61%. The report underscores the need for improved data protection strategies and better control over sensitive information as enterprises adapt to an evolving threat landscape.

Positive
  • 61% of organizations plan to increase their budget for ransomware prevention tools.
  • Progress in Multi-Factor Authentication (MFA) adoption and data encryption is noted.
  • Awareness of digital sovereignty and its impact on data privacy is increasing among enterprises.
Negative
  • 22% of organizations experienced a ransomware attack in the past 12 months.
  • 51% of enterprises do not have a formal ransomware response plan.
  • 55% of recent data breaches were caused by human error or misconfiguration.
  • Only 49% of companies reported having a formal ransomware response plan.
  • 48% of IT professionals reported an increase in ransomware attacks with 22% of organisations experienced a ransomware attack in past 12 months
  • 51% of enterprises do not have a formal ransomware plan
  • Of those recently suffered a cloud data breach, 55% of respondents identified human error as the primary cause

PARIS LA DÉFENSE--(BUSINESS WIRE)-- Thales today announced the release of 2023 Thales Data Threat Report, its annual report on the latest data security threats, trends and emerging topics based on a survey of nearly 3000 IT and security professionals in 18 countries. This year’s report found an increase in ransomware attacks, and increased risks to sensitive data in the cloud.

Nearly half (47%) of IT professionals surveyed believe that security threats are increasing in volume or severity with 48% reporting an increase in ransomware attacks. More than a third (37%) have experienced a data breach in the past 12 months, including 22% reporting that their organisation had been a victim of a ransomware attack.

Respondents identified their cloud assets as the biggest targets for cyber-attacks. Over a quarter (28%) said SaaS apps and cloud-based storage were the biggest targets, followed by cloud-hosted applications (26%) and cloud infrastructure management (25%). The increase in cloud exploitation and attacks is directly due to the increase in workloads moving to the cloud as 75% of respondents said 40% of data stored in the cloud is now classified as sensitive compared to 49% of respondents in 2022.

These are just a few of the key insights from the 2023 Thales Data Threat Report, conducted by 451 Research, which surveyed both private and public sector organisations. It reveals how businesses are responding and planning their data security strategies and practices in light of a changing threat landscape and the progress they are making to address threats.

Human error and the impact of ransomware

Simple human error, misconfiguration or other mistakes can accidentally lead to breaches – and respondents identified this as the leading cause of cloud data breaches. For those organisations that have suffered a data breach in the past 12 months, misconfiguration or human error was the primary cause identified by 55% of respondents. This was followed by the exploitation of a known vulnerability (21%), and of a zero day / previously unknown vulnerability (13%). The report finds that identity and access management (IAM) is the best defence, with 28% of respondents identifying it as the most effective tool to mitigate these risks.

Meanwhile, the severity of ransomware attacks appears to be declining, with 35% of 2023 respondents reporting that ransomware had a significant impact compared to 44% of respondents reporting similar levels of impact in 2022. Spend is moving in the right direction too, with 61% reporting they would shift or add a budget for ransomware tools to prevent future attacks – up from 57% in 2022 – yet organisational responses to ransomware remain inconsistent. Only 49% of enterprises reported having a formal response ransomware plan, while 67% still report data loss from ransomware attacks.

Addressing the challenges of digital sovereignty

Digital sovereignty is becoming more top of mind for data privacy and security teams. Overall, the report found that data sovereignty remains both a short- and long-term challenge for enterprises. 83% expressed concerns over data sovereignty, and 55% agreed that data privacy and compliance in the cloud has become more difficult, likely due to emergence of requirements around digital sovereignty.

Emerging threats from quantum computers that could attack classical encryption schemes are also a cause for concern for organisations. The report found that Harvest Now, Decrypt Later (“HNDL”) and future network decryption were the greatest security concerns from quantum computing – with 62% and 55% reporting concerns respectively. While Post Quantum Cryptography (PQC) has emerged as a discipline to counter these threats, the report found that 62% of organisations have five or more key management systems, presenting a challenge for PQC and crypto agility.

Sebastien Cano, Senior Vice President for Cloud Protection and Licensing activities at Thales, comments: “Enterprises continue to see a serious threat landscape. Our findings indicate good progress is being made in certain areas, including MFA adoption and increased use of data encryption. However, there is still a lot of security gaps regarding data visibility. In an increasingly cloud-first world, organisations must maintain better control over their data so they can serve their stakeholders with greater safety and trust. As data sovereignty and protection regulations around the world tighten, security teams will need far more confidence in protecting where their data is being stored and how it is moving and being used.”

About the 2023 Thales Global Data Threat Report
The 2023 Thales Global Data Threat Report was based on a global 451 Research survey commissioned by Thales of almost 3000 executives with responsibility for or influence over IT and data security. Respondents were from 18 countries: Australia, Brazil, Canada, France, Germany, Hong Kong, India, Italy, Japan, Mexico, Netherlands, New Zealand, Singapore, South Korea, Sweden, the United Arab Emirates, the United Kingdom, and the United States. Organisations represented a range of industries, with a primary emphasis on healthcare, financial services, retail, technology, and federal government. Job titles ranged from C-level executives including CEO, CFO, Chief Data Officer, CISO, Chief Data Scientist, and Chief Risk Officer, to SVP/VP, IT Administrator, Security Analyst, Security Engineer, and Systems Administrator. Respondents represented a broad range of organizational sizes, with the majority ranging from 500 to 10,000 employees. The survey was conducted in November and December 2022.

About Thales

Thales (Euronext Paris: HO) is a global leader in advanced technologies within three domains: Defence & Security, Aeronautics & Space, and Digital Identity & Security. It develops products and solutions that help make the world safer, greener and more inclusive.

The Group invests close to €4 billion a year in Research & Development, particularly in key areas such as quantum technologies, Edge computing, 6G and cybersecurity.

Thales has 77,000 employees in 68 countries. In 2022, the Group generated sales of €17.6 billion.

PLEASE VISIT

Thales Group

Cloud Protection & Licensing Solutions | Thales Group

Cybersecurity Solutions | Thales Group

PRESS CONTACT

Thales, Media Relations

Security & Cybersecurity

Marion Bonnet

+33 (0)6 60 38 48 92

marion.bonnet@thalesgroup.com

Source: Thales

FAQ

What percentage of organizations reported ransomware attacks according to the 2023 Thales Data Threat Report?

According to the report, 22% of organizations experienced a ransomware attack in the past 12 months.

What is the primary cause of data breaches identified in the 2023 Thales Data Threat Report?

The primary cause of data breaches is identified as human error or misconfiguration by 55% of respondents.

How much do organizations plan to increase their budget for ransomware prevention tools?

The report indicates that 61% of organizations plan to shift or add budgets for ransomware prevention tools.

What concerns do organizations have regarding digital sovereignty as per the 2023 Thales report?

The report found that 83% of organizations expressed concerns over data sovereignty, indicating it remains a significant challenge.

THALES UNSP ADR

OTC:THLLY

THLLY Rankings

THLLY Latest News

THLLY Stock Data

34.87B
1.03B
0.08%
Aerospace & Defense
Industrials
Link
United States of America
Meudon