Data security is in the headlines often, and it's almost never for a positive reason. Major breaches, new ways to hack into an organization's supposedly secure data, and other threats make the news because well, it's scary — and expensive.
Data breaches, ransomware and malware attacks, and other cybercrime might be pricey to prevent, but they are even more costly when they occur, with the average cost of a data breach reaching $4.35 million and counting.
Accordingly, companies are investing in solutions that combat these problems and focusing on their Data security and protection more than ever, based on the results of the WinZip Enterprise survey of leading industry professionals responsible for implementing and maintaining security at their organizations.
Confidence is Up Among Data Security Pros
While the media is reporting on a wide range of security threats, many of those surveyed reported a certain level of confidence in their organization's data security.
For instance, 59% said their organization did not suffer from a security breach during the past year, and an optimistic 64% said they did not expect to experience a security breach in the coming year.
Perhaps that's because organizations are prioritizing (and investing in) data security more than ever. In fact, 88% of the pros who responded said they consider their current data security solutions to be either very strong or somewhat strong.
It isn't all sunshine and rainbows in the data security world, however, with 21% of replies saying they didn't feel confident that they would not experience a security breach in the next year or so. Another 41% said they had experienced a security breach of some kind in the previous 12 months, so challenges remain.
8 out of 10 Industry Pros say Security is a Top Priority
We weren't surprised that security is a major priority for companies in 2023. Out of nearly 500 IT industry professionals who are responsible for data security at their companies, 86% said that security was extremely important.
This isn't surprising since 79% of those surveyed across industries said they work with personally identifiable information (PII), including payment card information (PCI) and personal health information (PHI). Much of this data is encrypted (often to remain compliant with various regulations and industry standards), with the most commonly encrypted type of data being financial records, followed by employee data and customer information, respectively.
Cloud Vulnerabilities are a Major Concern
While it's not particularly surprising to see that 64% of security professionals said that malware and ransomware attacks were their primary concern in 2023, at least when considering threats that originate outside of the organization.
However, the second biggest external indicated was cloud vulnerabilities, with 42% citing that as a concern. And with the ever-growing popularity and constant evolution of the cloud (particularly as it relates to remote work or work-from-anywhere scenarios), cloud vulnerabilities are likely to remain a major issue for some time and for many organizations.
Social engineering, phishing attacks, and compromised or stolen security credentials were also listed as concerns, along with threats from inside the organization, like weak passwords or employee negligence (essentially, human mistakes). Mobile device vulnerabilities are also an issue.
Top 10 Threats that IT Pros Stress About
In addition to challenges posed by the cloud, the top ten data security threats that keep IT pros (or anyone responsible for data security at their organization) up at night were malware infections, social engineering, compromised credentials, vulnerabilities in third party software, accidental email leaks, weak passwords, inadequate data protection, weak backup and recovery strategies, configuration mistakes, and insecure removable media like USB flash drives.
Data Security Budgets Continue to Climb
The main goal of this anonymous survey was to better understand the challenges that leading data security professionals are facing in 2023 — and how they intend to solve them. An additional goal was to uncover how and where companies are using their security budgets, and whether spending is decreasing, increasing, or staying the same.
In a world filled with an ever-growing number of data security threats, it is not surprising that budgets continue to increase. Overall, those surveyed said they planned to increase their security-related spending, with 78% saying their investment will increase moderately or significantly in the next year.
The actual numbers put data spending for most organizations in the low to mid six figures, with 35% (the largest segment) of respondents reporting their data security budget was between $100,000 and $500,000 USD. Furthermore, 18% spent between $500,000 and $1 million, and 11% of respondents worked for organizations that topped $1 million spent on data security in the past year.
With cloud vulnerabilities being listed as a major concern, plus the ever-growing adoption of cloud technologies and the need for remote work or "work from anywhere" capabilities, it's easy to draw the potential conclusion that this data security spending and the general prioritization of data security at many organizations is connected.
While that's one possible conclusion and there's no denying the need and desire for companies to offer secure remote access to their data, overall, there is no denying the fact that data security is at the forefront of the IT industry's leading minds — and budgets.
Anyone responsible for data security at their company needs to understand the array of threats posed by today's landscape as well as how IT industry professionals are handling data security, including how and why they are using encryption to protect sensitive data and valuable assets.
Download the full report now and learn more about WinZip Enterprise and what it can do to protect your organization and enhance your data security.