Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Changing Face of Data Security in the U.S. Federal Government

Published byPamela Arnold Modified over 5 years ago

Similar presentations

Presentation on theme: "The Changing Face of Data Security in the U.S. Federal Government"— Presentation transcript:

1 The Changing Face of Data Security in the U.S. Federal Government
Results from The 2019 Thales Data Threat Report Federal Edition

2 2019 Thales Data Threat Report – Respondent Demographics
Sweden U.K. U.S. Netherlands Germany Japan India US federal agency sizes surveyed 100% - $250M+ 53% - $750M+ 26% - $1B+ ANZ 1,200+ SENIOR IT SECURITY EXECUTIVES SURVEYED GLOBALLY 100 EACH: INDIA, ANZ, JP, UK, DE, NE, SWE 500 U.S. – 100 EACH: FED GOV, HC, RETAIL, FIN SRV Storyline: More than ever it is crucial that organizations manage and safeguard personal information and address their risks and legal responsibilities in relation to processing personal data, to address the growing amount of applicable data protection legislation. A well constructed and comprehensive compliance program can solve these competing interests and is an important risk management tool. Understanding cybersecurity mandates on a global scale is critical to any multinational company that collects and retains customer data, trade secrets, and other confidential data or operates in a critical infrastructure sector, such as energy, financial services, healthcare and defense/government contractors.

3 Is Agency Digital Transformation putting sensitive data at risk?
Federal agencies are nearly universal in implementing digital transformation initiatives. But agencies pervasively use sensitive personal, financial, and national security data. Are these deployments secure?

4 Agency digital transformation universal uses sensitive data
High rates of adoption combined with sensitive data expands risks to data Digital transformation and sensitive data use Adoption rates by digital transformation technology 98% Using sensitive data with digital transformation technologies Cloud, big data, IoT, containers, mobile payments, blockchain, social media SaaS 95% IaaS 93% PaaS 92% Mobile Payments 90% Big Data 86% IoT 93% Containers 81% Blockchain 82% Use now Planned to add within 12 months

5 Are agency digital transformation deployments secure?
Despite high levels of belief in the security of deployments, most feel vulnerable, few secure data with encryption Agency vulnerability to data threats. 42% are very or extremely vulnerable Organizations think their digital transformation initiatives are secure – But are they? 79% 30% 79% Believe Their digital transformation initiatives are very or extremely secure But only 30% or less use data encryption With their digital transformation environments today

6 Agency Data Breach Rates
U.S. federal agency data breach rates are significantly high, with over half of all breaches occurring in the last year 60% 35% 14% Breached ever Breached in the last year Breached multiple times have been breached both in the last year and previously

7 While DX is driving benefits to agencies and constituents alike, it is introducing new difficulties for information security professionals, including the potential to put government secrets and constituents’ sensitive data at risk” – 2019 Thales Data Threat Report

8 The multicloud agency – Sensitive data use brings risk
Using cloud 90%+ of enterprises using each cloud environment type: SaaS, IaaS and PaaS 90%+ “Agencies will need to implement security tools and platforms designed for modern, hybrid, and multi-cloud architectures, not jerry- rigged from legacy technologies” – 2019 Thales Data Threat Report 78% Using sensitive data In cloud environments Use more than 25 SaaS applications Multi-cloud usage is high, bringing even more risk Use 3 or more IaaS vendors Use 3 or more PaaS environments

9 What’s needed to solve agencies cloud data-at-rest security problems
What’s needed to solve agencies cloud data-at-rest security problems? Encryption! “Data must be protected where it sits, in the data center, in the cloud, or at its termination point.” Top 3 cloud data security issues Top 3 data security tools needed in the cloud Security of agency data if the cloud provider fails or is acquired 57% Security breaches/attacks at the service provider 55% Meeting compliance requirements and regulations (PCI DSS, FISMA, NIST… 55% Encryption of cloud data 39% Specific written compliance commitments 39% Detailed in-cloud security information (Physical and IT) 38%

10 2019 agency IT security spending priorities
Data breaches and compliance requirements are not top IT security spending priorities for agencies Implementing security best practices 44% Reputation and brand protection 38% Requirements from business partners/customers 37% Increased use of cloud computing 34% Competitive/strategic concerns 34% Executive directive 32% Past data breach 30% Compliance requirements 27% Avoiding data breach penalties 24%

11 Data privacy and sovereignty regulations
“Prioritize compliance issues. With the overarching impact of federal and global data regulations, 2019 could be considered ‘the year of data protection’.” Thale Data Threat Report How will agencies meet these regulations? Encryption Data Privacy 86% of agency IT security pros polled said that their organizations would be affected by data privacy or data sovereignty regulations 86% Encrypting personal data Tokenizing personal data (an encryption technology) Moving data to compliant locations Use local hosting and cloud providers Not affected by these regulations

12 Threat vectors shift to external attackers
“Federal government respondents believe they are more vulnerable to security threats than most other industries.” 2019 Thales Data Threat Report 48% 54% 47% 45% 42% 35% 36% 37% 33% 34% Cybercriminals Privileged users Cyberterrorists Partners w/internal access Service provider accounts Hactivists Executives Competitors Ordinary employees Other IT accounts Nation-states Contractor accounts 82% of agencies feel vulnerable Somewhat Vulnerable Very/extremely vulnerable 42% 40% 82% Past data breach

13 Beyond cloud – digital transformation increases risks
The problem: massive adoption combined with sensitive data Adoption rates for digitally transformative technologies beyond cloud 86% 92% 90% 82% 95% Using or planning to use Big Data Using or planning to use IoT Using or planning to use Mobile Payments Using or planning to use Blockchain Using or planning to use Social Media Rates of sensitive data use with digital transformation technologies 40% Big Data 40% IoT 45% Mobile Payments 32% Blockchain 40% Social Media RESEARCH AND ANALYSIS FROM:

14 Digital transformation – Encryption required
“You need new data security methods to protect today’s IT landscape, and this starts with encryption.” - IDC 49% 44% 45% 39% IoT Encryption the top tool needed to drive IoT adoption Cloud Data encryption is a top tool needed to enable more cloud use Big Data Encryption needed to enable more big data usage Containers Availability of encryption increases adoption

15 Digital transformation data – Requires protection
Cloud Cloud Cloud Network Palo Alto Networks Cisco Cloud Endpoint Symantec McAfee FireEye Carbon Black Application Application Database File System Storage/SED’s Now, from a partner view, here is where the Vormetric Data Security Platform fits in the security stack. Partners are very familiar with security solutions for network and endpoint. But digital transformation is really dissolving the perimeter and you need to protect sensitive data everywhere it goes. And that is where Vormetric Data Security Platform excels by protecting data across the enterprise on disks, file systems, databases, applications all the way to the cloud. And unlike network and endpoint segments which are pretty much saturated, we offer a major growth market for partners.

16 The Changing Face of Data Security in the U.S. Federal Government
Results from The 2019 Thales Data Threat Report Federal Edition

Download ppt "The Changing Face of Data Security in the U.S. Federal Government"

Similar presentations

Considerations in an Outsourced / Cloud World ARMA Information Management Symposium Bill Wilson, Chief Privacy Technologist.

Considerations in an Outsourced / Cloud World ARMA Information Management Symposium Bill Wilson, Chief Privacy Technologist.
Study conducted on behalf of Microsoft by Harris Interactive Inc. Study conducted on behalf of Microsoft by Harris Interactive, Inc. Study conducted on.

Study conducted on behalf of Microsoft by Harris Interactive Inc. Study conducted on behalf of Microsoft by Harris Interactive, Inc. Study conducted on.
Cloud Computing Stuart Dillon-Roberts. “In the simplest terms, cloud computing means storing & accessing data & programs over the Internet instead of.

Cloud Computing Stuart Dillon-Roberts. “In the simplest terms, cloud computing means storing & accessing data & programs over the Internet instead of.
What Keeps You Awake at Night Compliance Corporate Governance Critical Infrastructure Are there regulatory risks? Do employees respect and adhere to internal.

What Keeps You Awake at Night Compliance Corporate Governance Critical Infrastructure Are there regulatory risks? Do employees respect and adhere to internal.
1 CISCO SAFE: VALIDATED SECURITY REFERENCE ARCHITECTURE What It Is Business Transformation Top Questions To Ask To Initiate The Sale Where It Fits KEY.

1 CISCO SAFE: VALIDATED SECURITY REFERENCE ARCHITECTURE What It Is Business Transformation Top Questions To Ask To Initiate The Sale Where It Fits KEY.
David Canellos CEO PerspecSys, Inc.

David Canellos CEO PerspecSys, Inc.
1 © 2009 Cisco Systems, Inc. All rights reserved.Cisco Confidential Cloud Computing – The Value Proposition Wayne Clark Architect, Intelligent Network.

1 © 2009 Cisco Systems, Inc. All rights reserved.Cisco Confidential Cloud Computing – The Value Proposition Wayne Clark Architect, Intelligent Network.
CUTTING COMPLEXITY – SIMPLIFYING SECURITY INSERT PRESENTERS NAME HERE XXXX INSERT DATE OF EVENT HERE XXXX.

CUTTING COMPLEXITY – SIMPLIFYING SECURITY INSERT PRESENTERS NAME HERE XXXX INSERT DATE OF EVENT HERE XXXX.
Cloud Computing Security Keep Your Head and Other Data Secure in the Cloud Lynne Pizzini, CISSP, CISM, CIPP Information Systems Security Officer Information.

Cloud Computing Security Keep Your Head and Other Data Secure in the Cloud Lynne Pizzini, CISSP, CISM, CIPP Information Systems Security Officer Information.
This presentation, including any supporting materials, is owned by Gartner, Inc. and/or its affiliates and is for the sole use of the intended Gartner.

This presentation, including any supporting materials, is owned by Gartner, Inc. and/or its affiliates and is for the sole use of the intended Gartner.
Cloud Market Readiness Report Finance, Media, and Legal Sectors March 2014 Trend Consulting 2013.

Cloud Market Readiness Report Finance, Media, and Legal Sectors March 2014 Trend Consulting 2013.
Architecture & Cybersecurity – Module 3 ELO-100Identify the features of virtualization. (Figure 3) ELO-060Identify the different components of a cloud.

Architecture & Cybersecurity – Module 3 ELO-100Identify the features of virtualization. (Figure 3) ELO-060Identify the different components of a cloud.
Robert Mahowald August 26, 2015 VP, Cloud Software, IDC

Robert Mahowald August 26, 2015 VP, Cloud Software, IDC
Alliance Key Manager for Windows Azure Puts Encryption Key Management and Data Breach Security at Your Fingertips COMPANY PROFILE: TOWNSEND SECURITY Townsend.

Alliance Key Manager for Windows Azure Puts Encryption Key Management and Data Breach Security at Your Fingertips COMPANY PROFILE: TOWNSEND SECURITY Townsend.
Copyright © 2015 Centrify Corporation. All Rights Reserved. 1 Company Overview & Strategy Lance McAndrew Product Line Sales Engineer.

Copyright © 2015 Centrify Corporation. All Rights Reserved. 1 Company Overview & Strategy Lance McAndrew Product Line Sales Engineer.
Your Cyber Security: The scope of your risk is broad and growing To understand the nature of the risk landscape look at the presentations here today-begin.

Your Cyber Security: The scope of your risk is broad and growing To understand the nature of the risk landscape look at the presentations here today-begin.
Global Digital Security Market 2016-2020 www.rnrmarketresearch.com WEBSITE Single User License: US$ 2500 No of Pages: 60 Corporate User License: US$ 4000.

Global Digital Security Market WEBSITE Single User License: US$ 2500 No of Pages: 60 Corporate User License: US$ 4000.
Increasing Cloud Adoption Through Cloud Services Brokerage (CSB) Brent Brightwell Senior VP Products and Strategy DoubleHorn.

Increasing Cloud Adoption Through Cloud Services Brokerage (CSB) Brent Brightwell Senior VP Products and Strategy DoubleHorn.
Copyright © 2015 Centrify Corporation. All Rights Reserved. 1 Securing Enterprise Identities Against Cyberthreats Brian Krause Manager of North America.

Copyright © 2015 Centrify Corporation. All Rights Reserved. 1 Securing Enterprise Identities Against Cyberthreats Brian Krause Manager of North America.
Public Cloud Market to Global Analysis and Forecasts by Services, Applications No of Pages: 150 Publishing Date: Jan 2017 Single User PDF: US$ 3900.

Public Cloud Market to Global Analysis and Forecasts by Services, Applications No of Pages: 150 Publishing Date: Jan 2017 Single User PDF: US$ 3900.

Similar presentations

Ads by Google