Thales today announced the release of the 2023 Thales Cloud Security Study, its annual assessment on the latest cloud security threats, trends and emerging risks based on a survey of nearly 3,000 IT and security professionals across 18 countries including Australia.
This year’s study found that more than a third (37%) of Australian busi
This comes as businesses reported a dramatic increase in the level of sensitive data stored in the cloud. Six in ten (65%) businesses said that more than 40% of data stored in the cloud is classified as sensitive, compared to 47% of businesses this time last year.
Almost half (48%), ranked cloud-
Lack of Encryption and Key Control Causes Cloud Data Concerns
Despite the reported increase in sensitive data in the cloud, the study found low levels of encryption being used by Australian businesses. Only one in ten (7%) IT professionals reported more than 60% of their sensitive data in the cloud is encrypted. According to the findings, on average, only 45% of cloud data is currently encrypted globally.
The study also found a lack of control over encryption keys by Australian businesses, with only 13% of those surveyed stating that they controlled all the keys to their encrypted data in their cloud environments. In addition, over half (54%) say they have five or more key management systems – creating increased complexity when securing sensitive data.
Multicloud Causing Operational Complexity
The adoption of multicloud continues to surge globally, with more than three quarters (79%) of organisations having more than one cloud provider.
Notably, it’s not just infrastructure that is experiencing this growth. The use of SaaS applications is also on the rise. In 2022, 22% of respondents reported their enterprises utilising 51-100 different SaaS applications, while in 2023 this percentage increased to 36%.
Despite the expansion of cloud usage, a significant challenge remains. More than half (59%) expressed that managing data in the cloud is more complex than in on-premises environments – up from 53% the previous year. Digital sovereignty is also front of mind for Australian respondents. Ei
Pathways to Better Cloud Security
Identity and access management (IAM) is a crucial measure in mitigating data breaches, emphasising the significance of strong security practices. Encouragingly, the adoption of robust multi-factor authentication (MFA) in Australia has risen to 64%, indicating progress in fortifying access controls.
Surprisingly, only 36% of organisations have implemented zero trust controls in their cloud infrastructure, and an even smaller percentage (32%) utilise such controls within their cloud networks. These statistics highlight the need for greater emphasis on adopting comprehensive security measures to effectively safeguard sensitive data and enhance overall cybersecurity resilience.
Brian Grant, Regional Director, ANZ, Thales Cloud Security, says, “Australia is home to a dynamic multicloud landscape. As organisations continue their digital transformations, more and more sensitive data will move to the cloud. This data remains the responsibility of the enterprise customer and not the cloud service provider. Ultimately, if busin
“While cloud environments offer many benefits, the reality is that they are complex; it takes only one small oversight to open the door to a skilled attacker. When this occurs, sensitive cloud information can be stolen or compromised, costing organisations hundreds of times more than the investment to secure the cloud data in the first place.”
“Data encryption, data access control and data-at-risk alerts are three essential security measures every organisation should have in place if they are to successfully leverage the cloud while ensuring the integrity and confidentiality of their valuable information. The growth and success of a cloud-first business today relies as much on great data security as on protecting its cash flow.”
About the 2023 Thales Cloud Security Report
The 2023 Thales Cloud Security Report was based on a global S&P Global Market Intelligence survey commissioned by Thales of almost 3000 executives with responsibility for or influence over IT and data security. Respondents were from 18 countries: Australia, Brazil, Canada, France, Germany, Hong Kong, India, Italy, Japan, Mexico, Netherlands, New Zealand, Singapore, South Korea, Sweden, the United Arab Emirates, the United Kingdom, and the United States. Organisations represented a range of industries, with a primary emphasis on healthcare, financial services, retail, technology, and federal government. Job titles ranged from C-level executives including CEO, CFO, Chief Data Officer, CISO, Chief Data Scientist, and Chief Risk Officer, to SVP/VP, IT Administrator, Security Analyst, Security Engineer, and Systems Administrator. Respondents represented a broad range of organisational sizes, with the majority ranging from 500 to 10,000 employees. The survey was conducted in November and December 2022.
About Thales
Thales (Euronext Paris: HO) is a global leader in advanced technologies within three domains: Defence & Security, Aeronautics & Space, and Digital Identity & Security. It develops products and solutions that help make the world safer, greener and more inclusive.
The Group invests close to €4 billion a year in Research & Development, particularly in key areas such as quantum technologies, Edge computing, 6G and cybersecurity.
Thales has 77,000 employees in 68 countries. In 2022, the Group generated sales of €17.6 billion.
