Businesses rushing to adopt new tech are opening more doors to hackers

While modern technology makes possible new business models to drive growth and profitability, digital transformation opens your business to more cybersecurity risks, according to a survey by Thales and 451 Research.

Companies doing business in tech-savvy countries such as Japan, Sweden and the United States are creating unprecedented efficiency and scale thanks to digital transformation. At the same time, the rush to adopt new technology creates more attack surfaces for hackers to leverage.

Thales interviewed 1,200 senior executives in eight countries on three continents and found that almost every business surveyed has an appetite for emerging digital technology that can grow the business and its earnings. Specifically:

42% of organizations use more than 50 Software as a Service (SaaS) applications
57% use three or more Infrastructure as a Service (IaaS) vendors
53% use three or more Platform as a Service (PaaS) environments
99% use big data
94% are implementing IoT technologies
91% are working on or using mobile payments

"This year we found that organizations are dealing with massive change as a result of digital transformation, but this change is creating new attack surfaces and new risks that need to be offset by data security controls,” according to Garrett Bekker, principal security analyst, information security at 451 Research.

Some 67% of respondents had experienced a breach, with 36% getting breached in the last year. The numbers are much higher compared to a survey in 2017, which saw only 26% of respondents breached “in the last year.”

Organizations worldwide are entering murky waters as their security strategies and cybersecurity spending fail to match their overall digital transformation plans. 57% are spending most on endpoint and mobile security technologies – when they should also prioritize server protection. Data-at-rest security solutions are at the bottom (40%) of IT security spending priorities.

“But while times have changed, security strategies have not – security spending increases that focus on the data itself are at the bottom of IT security spending priorities, leaving customer data, financial information and intellectual property severely at risk,” Bekker warns. “If security strategies aren't equally as dynamic in this fast-changing threat environment, the rate of breaches will continue to increase.”

Our own research suggests much the same thing: malware authors will increasingly target enterprises and networks of computers – as opposed to individuals or endpoints. Cybercriminals will focus more on hacking connected (Internet of Things or IoT) devices throughout 2018 with greater frequency and sophistication than before.

And spam will remain one of the most efficient attack vectors for delivering ransomware, banking Trojans, and other threats, making it imperative not just to beef up on security solutions, but also to train your employees to sniff out any malicious emails that might slip through.