87% of Mexican and 69% of Brazilian IT Decision Makers Say their Organization is Vulnerable to Insider Threats
2015 Thales eSecurity Insider Threat Report – Mexico and Brazil Edition
SAN JOSE, Calif. – September 9, 2015 – Thales eSecurity, a leader in enterprise data security for physical, virtual, big data, public, private and hybrid cloud environments, today announced the results of its Mexico and Brazil focused edition of the 2015 Thales eSecurity Insider Threat Report (ITR). The survey was conducted online by Harris Poll in spring 2015 on behalf of Thales eSecurity, and collected responses from 204 IT decision makers, with 102 respondents from Mexico and 102 from Brazil. Survey results are also compared with those collected by Harris Poll in fall 2014 among 818 IT decision makers (ITDMs) in various countries. This report extends and compares earlier findings in the global report, the European edition as well as the Japan and ASEAN edition. The Mexico and Brazil report reveals findings about how these countries perceive security threats, the types of employees considered most dangerous, environments at the greatest risk for data loss and the steps organizations are taking to secure data.
Ordinary employees, privileged users and the supply chain – such as contractors and third party service providers – are all conduits for a traditional insider threat. But the spectrum of insider threats also includes the compromise of these insider accounts by hackers using Advanced Persistent Threat (APT) attacks and other methods. As cloud and big data adoption accelerates, these new technologies also bring new risks to organizations with additional administrative roles and potentials for infrastructure compromise.
Results showed that organizations in both regions felt vulnerable to insider threats - In Mexico 87 percent, and in Brazil 69 percent. Other key findings include:
- Failed a compliance audit or encountered a data breach in the last year
Brazilian respondents reported their organizations encountering a data breach or failing a compliance audit in the last 12 months at lower rates than those of Mexico and the U.S.
Mexico: 48 percent
Brazil: 26 percent
U.S.: 44 percent
- Top locations at risk for loss of sensitive data:
Databases and cloud environments topped the list of locations reported by respondents to be most at risk for loss of sensitive data.
Mexico – databases (51 percent), PCs and workstations (40 percent)
Brazil – databases (50 percent), cloud (39 percent)
U.S. – cloud environments (46 percent), databases (37 percent)
- Insiders that pose the greatest risk:
Privileged users, followed by partners with internal access were recognized as the insiders posing the greatest risks by respondents.
Mexico – Privileged users (68 percent), Partners with internal access (40 percent)
Brazil – Privileged users (54 percent), Partners with internal access (45 percent)
U.S. – Privileged users (59 percent), Partners with internal access (51 percent)
- Increasing IT Security spending to offset threats to data over the next 12 months:
Brazilian respondents reported that their organizations are increasing spending to offset these threats at the highest rate measured (72 percent), but in both Mexico and the U.S. more than half are also increasing spending.
Mexico – 55 percent
Brazil – 72 percent
U.S. – 62 percent
“Perimeter, network and end point defenses have failed in every recent data breach,” said Tina Stewart, vice president of marketing at Thales eSecurity. “As the rate of data breaches accelerates, and as compliance and regulatory requirements increase worldwide, enterprises are recognizing the need to make changes in their IT security stance.”
“Organizations that place a priority on increasing data-at-rest defenses such as those in Brazil (67 percent), Mexico (49 percent) and the U.S. (49 percent) will be much better prepared to protect data against attacks,” said Vice President of Latin America at Thales eSecurity, Roman Baudrit. “Surprisingly, Brazilian respondents also reported much lower levels of failing data breaches and compliance audits (26 percent) than their counterparts in Mexico (48 percent), even though they are planning higher levels of investment in data security – Brazil (72 percent) and Mexico (55 percent).”
The survey results and research report are available from Thales eSecurity and can be found here.
Thales eSecurity’s 2015 Insider Threat Report was conducted online by Harris Poll on behalf of Thales eSecurity from September 22 to October 16, 2014, among 818 adults, ages 18 and older, who work full-time as IT professionals and have at least a major influence on IT decision-making in their companies. In the U.S., 408 ITDMs were surveyed among companies with at least $200 million in revenue, with 102 from the health care industries, 102 from financial industries, 102 from retail industries and 102 from other industries. Roughly 100 ITDMs were interviewed in the U.K. (103), Germany (102), Japan (102) and ASEAN (103), with an additional 102 each from Brazil and Mexico between March 20 and April 2, 2015. Outside of the U.S., companies had at least $100 million in revenue. ASEAN countries were defined as Singapore, Malaysia, Indonesia, Thailand and the Philippines. This online survey is not based on a probability sample and therefore no estimate of theoretical sampling error can be calculated.
About Thales eSecurity
Thales eSecurity (@Thalesesecurity) is the industry leader in data security solutions that protect data-at-rest across physical, big data and cloud environments. Thales eSecurity helps over 1500 customers, including 17 of the Fortune 30, to meet compliance requirements and protect what matters — their sensitive data — from both internal and external threats. The company’s scalable Thales eSecurity Data Security Platform protects any file, any database and any application’s data —anywhere it resides — with a high performance, market-leading solution set.