Digital Transformation Efforts Putting Sensitive Data at Risk for Japanese Enterprises
Japanese Businesses Are Struggling with Cloud Complexity Amid High Demand for Digitally Transformative Technologies
Thales announces that Japanese enterprises are putting sensitive data at risk as they move quickly to adopt digital transformation technologies, according to its 2019 Thales Data Threat Report – Japan Edition. The research, conducted by analyst firm IDC, indicates that while digital transformation increases efficiency, enables new services and makes new economies of scale possible, it also introduces new challenges for implementing proper data security.
As Japanese organizations move quickly to adopt digital transformation technologies, our research shows they are putting their most sensitive data at risk,” said Frank Dickson, program vice president for security products research, IDC. “In addition, the move to multi-cloud environments can compromise data protection even further, making tools that reduce complexity critical as businesses embark on their digital transformation journey.”
Almost all (92%) of the respondents reported that they are using sensitive data within digital transformation environments. In fact, 80% already use or plan to use digitally transformative technologies within the next year. These technologies include cloud, big data, mobile payments, social media, blockchain and the Internet of Things (IoT). Yet, less than a third of respondents are using data encryption within these environments even though this technology was identified as a key solution for securing sensitive data.
The Multi-Cloud Enterprise Puts Sensitive Data at Risk
The report found that Japanese enterprises continue to move to multi-cloud environments as part of their digital transformation efforts with over 80% of respondents using sensitive data in the cloud. Specifically, 62% of respondents have 11 or more Software-as-a-Service (SaaS) applications, 45% have three or more Infrastructure-as-a-Service (IaaS) applications and 43% have three or more Platform-as-a-Service (PaaS) applications. With multi-cloud usage oftentimes requiring a unique data security approach, it is understandable why complexity was identified by nearly 40% of respondents as a barrier to data security deployment.
Despite Increase in Data Breaches Prevention Not a Priority
Although 45% of respondents have encountered a data breach and 21% have had one during the past year, prevention is at the bottom of the IT security spending priority list. Furthermore, the report found that 82% feel vulnerable to data threats. External forces top the list with cybercriminals (70%) identified as the biggest threat overall followed by cyber terrorists (51%). Internal threat actors were identified as partners with internal access (52%), privileged users (49%) and a combination of ordinary employees, other non-IT users and service provider accounts (41%).
“Businesses in Japan face a myriad of challenges when it comes to safeguarding sensitive data from internal factors such as access from partners to external forces such as cybercriminal activity and regulatory compliance,” said Hisaharu Nakamura, authentication & encryption vice president for cloud protection and licensing activity at Thales Group Japan. “This is compounded by the fact that nearly half of the survey respondents indicated that they have experienced a data breach. The clear call to action for Japanese enterprises is to make prevention a top priority and ensure the right level of data protection is in place.”
Data Privacy and Compliance Present New Challenges
With over 100 global data privacy laws in place including Japan’s Act on the Protection of Personal Information (APPI) and the European Union’s General Data Protection Regulation (GDPR), the report found that 84% of respondents will be impacted by regulatory mandates. It comes as no surprise that nearly half (47%) of those surveyed, rated meeting compliance requirements such as data privacy as a top priority for IT security spending in Japan, especially with 18% indicating they failed a compliance audit in the last year due to data security issues. To combat these challenges, a third of the respondents identified encryption and tokenization as the leading strategies to meet regulatory concerns.