THALES BLOG

Key Takeaways from the Thales Data Threat Report: EME Edition

September 24, 2024

Rob Elliss Rob Elliss | Thales CPL VP of Sales - EMEA More About This Author >

Organizations in the Europe and Middle East (EME) region face significant challenges. The threat landscape is increasingly complex, regulatory requirements are becoming more stringent, and the economic environment remains uncertain.

The 2024 Thales Data Threat Report: Europe and Middle East Edition provides insight into how EME decision-makers navigate these challenges, leverage emerging technologies, and compare to their global peers.

Compliance Requirements are Improving Security

The report revealed that organizations that fail compliance audits are far more likely to suffer a breach. 85% of EME respondents whose organization failed a compliance audit reported having some breach history, with 29% reporting a breach in the last 12 months. In contrast, only 23% of EME respondents whose organization passed a compliance audit reported some breach history, and only 4% reported a breach in the past year.

These figures closely resemble those in the global Data Threat Report (DTR), and the correlation between compliance achievement and reduced breaches has grown stronger through the years. Moreover, although the proportion of EME organizations that have ever suffered a breach remains high (51%), the percentage that have experienced a recent breach has decreased from 24% in 2021 to 15% in 2024.

Clearly, compliance standards, such as those like AICPA SOC2 Type 2 and ISO27K, which blur the lines between compliance and security and require organizations to demonstrate controls over time (a characteristic typically associated with security), have positively impacted the security of EME organizations.

Emerging Technologies, Emerging Threats, Emerging Opportunities

EME organizations recognize the risks posed by emerging technologies. 70% of EME respondents said they were interested in post-quantum cryptography (PQC) to combat threats posed by quantum computing, particularly “harvest now, decrypt later” (HNDL) tactics, slightly more than global respondents (68%).

However, EME respondents are also aware of the opportunities emerging technologies present. 23% of EME respondents said their organization plans to integrate GenAI into security products and services in the next 12 months (compared to 22% of global respondents), while 31% said they plan to experiment with integrating the technology (compared to 33% globally).

Operational Complexity is Bad but Improving

The DTR reveals an incremental improvement in operational complexity. EME respondents reporting five or more key management systems in use declined by nine percentage points (55% down from 64% a year ago), while the average number of key management systems also fell 3% year-on-year (6.0 to 5.8).

The story is much the same for global organizations. Global respondents reporting five or more key management systems in use also fell by nine percentage points, while the average number of key management systems also declined by 2% from 5.8 to 5.7

While these broadly positive results suggest EME organizations are on the right track, it’s clear that operational complexity is still a significant concern; work remains to bring it down to a safe level.

The Attack Landscape is Bad and Getting Worse

Perhaps unsurprisingly, the vast majority (92%) of EME organizations reported increased attacks in 2024, compared to 93% of global respondents. 42% of EME respondents cited malware as one of the fastest-growing attack types, 37% cited phishing, and 31% cited ransomware. Global figures were similar at 41%, 36%, and 32%, respectively.

Arguably, even less surprising is that the human factor still plays a significant role in attack tactics. More specifically, a “toxic combination” of accidental incidents (caused by human error) followed by attackers exploiting a vulnerability—a typical phishing scam tactic—was the top-most-mentioned attack root cause by attacker type in the EME region.

External attackers with ideological goals and external attackers with geopolitical goals—the two and three top-most mentioned attacker types in the EME region—also leveraged human error for their favored attack type: using misconfiguration to gain unauthorized access.

EME Respondents Underperform in Ransomware Response

Despite the persistent and pervasive nature of ransomware threats, EME organisations still fail to prepare adequately, especially compared to their global peers. While the global results are poor - less than 50% of global respondents across all verticals and company sizes have reported having a formal ransomware plan — EME preparedness is dire, with only 19% of organizations reporting having one. Perhaps more encouraging is that only 18% of EME respondents said that, in the event of a ransomware attack, they paid or would pay the ransom, much like global responses.

To find out more about how the EME region is faring against old and emerging threats, managing their cloud environments, and adapting to new challenges, you can download the full 2024 Thales Data Threat Report: Europe and Middle East Edition here.