2020 Trustwave Data Security Index report finds that perceived threats do not match actual incidents 

Published: Tuesday, 27 October 2020 10:10

Trustwave has released the 2020 Trustwave Data Security Index report which shows how technology trends, compromise risks, and regulations are shaping how organizations’ data is stored and protected. The report is based on a recent survey of 966 full-time IT professionals who are cyber security decision makers or security influencers within their organizations. Over 75 percent of respondents work in organizations with over 500 employees in key geographic regions including the United States, United Kingdom, Australia and Singapore.

Key findings from the 2020 Trustwave Data Security Index report include:

Perceived threats do not match actual incidents

38 percent of organizations are most concerned with malware and ransomware followed by phishing and social engineering at 18 percent, application threats 14 percent, insider threats at 9 percent, privilege escalation at 7 percent and misconfiguration attack at 6 percent. Interestingly, when asked about actual threats experienced, phishing and social engineering came in first at 27 percent followed by malware and ransomware at 25 percent. The UK and Singapore experienced the most phishing and social engineering incidents at 32 percent and 31 percent and the US and Australia experienced the most malware and ransomware attacks at 30 percent and 25 percent. Respondents in the government sector had the highest incidents of insider threats at 13 percent or 5 percent above the average.

More sensitive data moving to the cloud

Types of data organizations are moving into the cloud have become increasingly sensitive. 96 percent of total respondents stated they plan to move sensitive data to the cloud over the next two years with 52 percent planning to include highly sensitive data with Australia at 57 percent leading the regions surveyed. Not surprisingly, when asked to rate the importance of securing data regarding digital transformation initiatives, an average score of 4.6 out of a possible high of five was tallied.

Hybrid cloud model driving digital transformation and data storage

Of those surveyed, most at 55 percent use both on-premises and public cloud to store data with 17 percent using public cloud only. Singapore organizations use the hybrid cloud model most frequently at 73 percent or 18 percent higher than the average and US organizations employ it the least at 45 percent. Government respondents store data on-premises only the most at 39 percent or 11 percent higher than average. Additionally, nearly half of respondents at 48 percent stored data using the hybrid cloud model during a recent digital transformation project with only 29 percent relying solely on their own databases.

Most organizations use multiple cloud services

70 percent of organizations surveyed were found to use between two and four public cloud services and 12 percent use five or more. At 14 percent, the US had the most instances of using five or more public cloud services followed by the UK at 13 percent, Australia at 9 percent and Singapore at 9 percent. Only 18 percent of organizations queried use zero or just one public cloud service.

Patching practices show room for improvement

A resounding 96 percent of respondents have patching policies in place, however, of those, 71 percent rely on automated patching and 29 percent employ manual patching. Overall, 61 percent of organizations patched within 24 hours and 28 percent patched between 24 and 48 hours. The highest percentage patching within a 24-hour window came from Australia at 66 percent and the UK at 61 percent. Unfortunately, 4 percent of organizations took a week to over a month to patch.

Reliance on automation driving key security processes

In addition to a high percentage of organizations using automated patching processes, findings show 89 percent of respondents employ automation to check for overprivileged users or lock down access credentials once an individual has left their job or changed roles. This finding correlates to low concern for insider threats and data compromise due to privilege escalation according to the survey. Organizations must exercise caution when assuming removal of user access to applications to also include databases, which is often not the case.

Data regulations having minor impact on database security strategies

When asked if data regulations such as General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) impacted database security strategies, a surprising 60 percent of respondents said no. These findings may suggest a lack of alignment between information technology and other departments, such as legal, responsible for helping ensure stipulations like ‘the right to be forgotten’ are properly enforced to avoid severe penalties.

Small teams with big responsibilities

Of those surveyed, nearly half at 47 percent had a security team size of only six to 15 members. Respondents from Singapore had the smallest teams with 47 percent reporting between one and ten members and the US had the largest teams with 22 percent reporting team size of 21 or more, 2 percent higher than the average. 32 percent of government respondents surprisingly run security operations with teams between just six and ten members.

More details.