Todd Moore | VP Encryption Products, Thales
Working in a sector as dynamic as cybersecurity, it’s all too rare that we can pause for a moment and reflect on what’s important. Fortunately, I recently had the pleasure of discussing emerging cybersecurity trends with Tom Field at ISMG. We’ll cover the talking points in this blog post, but you can watch the full interview below.
Ransomware Readiness
Ransomware, whether we like it or not, isn’t going anywhere any time soon. And yet so many organizations are still not prepared. We recently released the tenth edition of the Thales 2023 Data Threat Report, revealing that of the nearly 3,000 IT professionals surveyed, only 48% said they had used or created a formal ransomware plan, despite 49% reporting that ransomware attacks had increased and 22% experiencing a ransomware attack in the past year.
With this in mind, we recently unveiled our newest solution, CipherTrust Transparent Encryption Ransomware Protection (CTE-RWP), at this year’s RSA Conference. CTE-RWP bolsters our CipherTrust Data Security Platform, helping protect organizations from ransomware attacks by monitoring the file system and detecting, flagging, or blocking unwanted encryption and data exfiltration. Of course, there is no single solution to the ransomware problem, but we think this is a big step in the right direction.
Consolidation and Complexity
For some time now, organizations have been calling for increased consolidation and decreased complexity. It’s easy to see why. An abundance of security tools, known as tool sprawl, adds to the complexity of managing cyber risks. Our report reflected the need for consolidation, with 62% of large organizations using more than five key management systems. Worse still, only 65% of enterprises are ‘very confident’ or have ‘complete knowledge’ of their data’s location, and 20% have consistently been unable to classify their data.
Similarly, organizations are pushing for consolidation of encryption platforms, looking for a single solution that can do it all rather than multiple, disparate solutions. Thales provides a more holistic approach to security, providing various solutions under the same roof.
Cybersecurity and development teams working together
Security and development teams have always been somewhat at odds. But that needs to change, especially now that developers have emerged as a vital part of the security buying process. At Thales, we recognize that developers want to do their jobs quickly and efficiently and are looking for security tools that allow them to do that.
Last year, we revealed the CipherTrust Platform Community edition, which allows developers to try the solution and ensure it works for them. This year we went even further, launching the CipherTrust Secrets Management solution, powered by our partner Akeyless, which protects and automates access to secrets across DevOps tools and cloud workloads, including secrets, credentials, certificates, API keys, and tokens.
Data Sovereignty
When it comes to cloud security, compliance is the topic of the moment. As the US and Europe throw their weight behind more stringent regulation, organizations are more concerned about data sovereignty than ever. 83% of those surveyed for our 2023 Data Threat Report said they were very or somewhat concerned that data sovereignty and privacy regulations will affect their organization’s cloud deployment plans. As a result, companies such as Google and AWS are providing ways to give users more control to prove to regulators that information is stored and protected according to the jurisdiction’s requirements, with this only likely to continue in the coming years.
Quantum Computing Security
Quantum computing is the most exciting – and worrying– trend in cybersecurity right now. While we do not know when it will happen, IT professionals are keenly aware that we could be plunged into a post-quantum world overnight - and are waiting with bated breath.
At Thales, we are working to make our security solutions quantum ready. From encrypting data in rest to data in motion, key management, and beyond, we are prepared for a post-quantum world. Working alongside Wells Fargo and Quantinuum, we’ve proved that we can generate quantum-safe cryptographic keys within the cryptographic boundary of the Thales Luna S790 cryptographic Hardware Security Module (HSM), a FIPS 140-2 level 3 cryptographic module.
Future of Cybersecurity
It was great speaking with Tom about the most important current trends in cybersecurity. These conversations allow us to take stock and appreciate everything we’ve achieved in the past year, as well as give us an opportunity to think about what might come next. I can’t wait to see what developments we make in the next year.