European Businesses Signal ‘Growing Security Gap’ Amid Mass Digital Transformation May 22, 2019 Kai Zobel | Senior Director More About This Author > As false predictions of digital transformation fade into the past, we are hurtling into a new era of business. In a global and unprecedented shift, digital transformation is driving a wave of benefits as part of this new digital-first business environment – from greater efficiencies to building better customer experiences and relationships. For Europe, the story is no different. In fact, in the 2019 Thales Data Threat Report – Europe Edition launched yesterday, we see that over a third (36%) of enterprises in the region are either aggressively disrupting the markets they participate in – or embedding digital capabilities that enable greater organisational agility. Overall, the picture is clear. Upwards of 84% of enterprises are using, or planning to use, digitally transformative technologies such as cloud, big data, containers, blockchain and the Internet of Things (IoT). How does digital transformation impact data security? Yet, at the heart of this shift lies a dark truth: with the stakes already high, these businesses become extremely vulnerable during digital transformation. This is the key theme we encountered in preparing this year’s Data Threat Report for Europe, with research and analysis from leading analyst firm IDC. Despite all the benefits digital transformation will bring, these complex transitions create a new set of data threats for companies to contend with; threats that over a quarter (27%) of European enterprises now feel ‘very’ or ‘extremely’ exposed to. Overall, we’re seeing a growing ‘security spend gap’, with cybersecurity spend struggling to keep pace with the rate of threats and breaches these organisations must face. With almost a third (29%) of surveyed enterprises experiencing a breach last year, and only a little more than half (55%) believing their digital transformation deployments are ‘very’ or ‘extremely’ secure, it is alarming to note that the majority (60%) will either maintain or decrease security spend next year. Understanding the threats Making matters worse for European enterprises, threat vectors are continuing to broaden and evolve. In the past, data security professionals were primarily concerned with internal actors, but this year’s report shows the growing importance of outside threats. Europeans see the greatest threats overall to be cybercriminals, cyberterrorists and hacktivists, which is consistent with the top perceived threats in the global sample. Internal actors – non-privileged employee accounts, contractor accounts, and non-privileged IT accounts – are the lowest-perceived risk factors. Underpinning these evolving threats and ‘doing more with less’ approach, this year’s data also shines a light on a troubling confidence-capability gap. While European firms feel less vulnerable to data security issues than their global counterparts (27% feel ‘vulnerable’ or ‘very vulnerable’, compared to 34% of the global sample), they are less likely to believe they have adequate security in place; 82% say they are moderately or extremely secure which is lower than the 88% of global respondents who believe they are moderately or extremely secure. Compliance, compliance, compliance A year since the EU General Data Protection Regulation (GDPR) came into force, it is also unsurprising to see a heavy emphasis on security-related compliance. Around 40% of UK businesses, for example, are prioritising compliance in their security spend. But to truly realise the benefits of digital transformation without putting the business at greater risk, these organisations must take a view that is longer-term and beyond ‘just good enough’ security. Only then will we see the true promise of digital transformation play out and, as a result, unlock massive economic benefits to key markets for Europe as a whole. To find out more about Europe’s evolving data threats, download the 2019 Thales Data Threat Report – Europe Edition today.