Strategies and contradictions of corporate cybersecurity

A Thales report highlights the growth of cyber attacks against companies, especially ransomware. There are still mistakes in data protection. Published on 13 April 2022 by Elena Vaciago

The pandemic has changed many people's habits, and it is likely that they will never return to their pre-existing conditions. In the field of cybersecurity, while the trends that had characterized it in the past remain (from compliance, to technological innovation, to the increasing severity of incidents), they have been joined in the last two years by further vulnerabilities. According to the research "2022 Thales Data Threat Report", a survey by Thales carried out in January 2022 on a sample of 2,800 people in 17 countries around the world, the maturity with which companies face the issue of cybersecurity threats, ransomware, data protection, in a period in which they are increasingly moving towards the cloud, is inadequate. And even today, problems persist that could be addressed and solved. "Even today, in the midst of a data-driven economy, in many cases, 56% of respondents, we observe that people do not know where sensitive and confidential data are stored and stored", said Luca Calindri, country sales manager Italy. & Malta by Thales, presenting the research results. "Only 25% of respondents state that their company has a data classification".

Of the total number of respondents, only 53% said that their organization would be able to classify at least half of their data. The result was better in 2021, when 31% of respondents said they had a complete classification of the data, 54% for at least half. It signals that the uncontrolled growth of data and the rapid development of the cloud are adding complexity to data protection issues, making the situation increasingly difficult to control and secure.

Luca Calindri, Thales country sales manager Italy & Malta

Data breach and threats on the rise Year after year we see an increase in the trend of attacks and threats. The number of data breaches suffered by companies is a clear indicator of the effectiveness of defense strategies: according to the latest results of the Thales research, 52% of respondents state that their company has suffered a cyber attack in the past, while 18% experienced this in the 12 months prior to the survey. When asked about the perception of attacks in progress, 45% said their company is seeing an increase in the volume of malicious activity, as well as in the severity of attacks, and an increase in the targets targeted by malicious agents. This answer comes from all geographies in a homogeneous way. With reference to the most observed types of attacks, generic malware ranks first this year (56% of responses globally), followed by ransomware (53%) and phishing / whaling activities (40%). The risks companies face most are human error (cited as the most serious risk, by 29% of respondents) and following the geopolitical objectives of state-sponsored attacks (19%), and the threat posed by actors driven by economic reasons (17%). Only 9% of respondents cited "internal risk", i.e. the possibility that an attack is carried out by company personnel with learning objectives (a result that differs from last year, as the internal risk had collected 35% of the answers).

corporate security