Share this article on:
Less than 10 per cent of businesses across Australia are encrypting at least half of the sensitive data stored in the cloud, new research has revealed.
According to a 2021 Thales Global Cloud Security Study – commissioned by Thales and conducted by 451 Research – 51 per cent of Australian businesses have experienced a cloud-based data breach over the past year.
However, despite heightened vulnerabilities, 92 per cent of businesses admit they do not encrypt half of the sensitive data stored in the cloud.
This comes amid a rise in cloud adoption, with 58 per cent of respondents in the Asia-Pacific (57 per cent overall) employing two or more cloud infrastructure providers.
The research also found that the majority of data stored by 26 per cent of Australian organisations is sensitive, with most respondents (74 per cent) turning to encryption for security, followed by tokenisation or data masking (69 per cent), key management (60 per cent) and multi-factor authentication (MFA) technologies (47 per cent).
For those encrypting their data, 33 per cent mostly leave the control of keys to service providers rather than retaining control themselves.
Moreover, nearly three quarters of business leaders (66 per cent) admitted their organisation does not have a Zero Trust strategy, with 21 per cent not considering one.
"It’s no longer ‘if’ a cyber breach occurs but ‘when’. A robust security strategy is essential to ensuring data and business operations remain secure,” Brian Grant, ANZ director at Thales said.
“With nearly every business reliant on the cloud to some extent, it is vital that security teams have the ability to discover, protect and maintain control of their data.”
Fernando Montenegro, principal research analyst for information security at 451 Research – a subsidiary of S&P Global Market Intelligence – said organisations should strongly consider reviewing their strategies and approaches to protecting data in cloud.
“This includes understanding the role of specific technologies including encryption and key management, as well as the shared responsibilities between providers and their customers,” Montenegro added.
“As data privacy and sovereignty regulations grow, it will be paramount that organisations have a clear understanding of how they remain responsible for data security and make clear decisions about who is in control and who can access their sensitive data.”
News Editor – Defence and Security, Momentum Media
Prior to joining the defence and aerospace team in 2020, Charbel was news editor of The Adviser and Mortgage Business, where he covered developments in the banking and financial services sector for three years. Charbel has a keen interest in geopolitics and international relations, graduating from the University of Notre Dame with a double major in politics and journalism. Charbel has also completed internships with The Australian Department of Communications and the Arts and public relations agency Fifty Acres