A brief digest from the 2019 Thales Data Security Summit

 Washington, D.C. – When my train pulled into Union Station, the weather forecast called for overcast, gray skies. Little did I know that the atmospheric gloom was foreshadowing similarly dismal news regarding the state of data security, as detailed in the 2019 Thales Data Threat Report.

As U.S. federal agencies engage heavily in digital transformation of their organizations in an attempt to boost efficiency, they are inadvertently creating a significant risk regarding sensitive data, including government secrets and personal information. Given the ever-increasing threat environment from cyber criminals, internal hackers, and foreign state-sponsored entities, there is certainly cause for concern.

There seems to exist a strange dichotomy in this realm – on the one hand, 82% of agencies surveyed feel worried about their level of vulnerability to data threats; on the other hand, of the 98% of respondents that will use sensitive data on digitally transformative technologies, less than 30% are using data encryption as a protective measure. [1] Exacerbating the problem, is a disturbing trend of declining hikes in IT security spending (from 93% in 2018 to 60% in 2019.)[2]

To optimize data security, agencies must “go from the data, outward…” says Brent Hanson, Chief Technology Officer, Thales CPL Federal. “We must continue to evolve, because the bad guys keep learning too.” The data certainly backs up that claim, as 60% of U.S. Federal Government respondents report that they have been breached – 35% in the past year alone.[3]

If government agencies are going to effectively secure their data, it will require a multi-faceted approach. According to Matt Conner, Chief Information Security Officer and Director of the Cybersecurity Office, National Geospatial-Intelligence Agency, “Perimeter defense is not enough. The approach needs to be more robust.” This crucial shift in approach requires a “pivot to realign the focus from network-centric to data-centric” says Bill Marion, Deputy Chief, Information Dominance and Chief Information Officer, U.S. Air Force. “We did a disservice by claiming that perimeter was protected without securing the data points within.”

All in all, the big takeaway is that digital transformation provides more opportunities for hackers, which might be a reason to lose sleep at night. As Nick Jovanovic, Vice President, Thales CPL Federal, puts it, “Data is the lifeblood of organizations, alongside their people.” It’s time for government agencies to realize that, and take the necessary steps to diversify their security approach, emphasizing data protection, in addition to network defense solutions.

 

 

Olivier Vallez, Cybersecurity Reporter

Cyber Defense Magazine

 

 

 

 

[1] Source: 2019 Thales Data Threat Report Survey, IDC, November 2018
[2] Source: 2019 Thales Data Threat Report Survey, IDC, November 2018
[3] Source: 2019 Thales Data Threat Report Survey, IDC, November 2018