We value your privacy

We use cookies to enhance your browsing experience, serve personalized ads or content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies.

Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

URL has been copied successfully!
Three Keys to Modernizing Data Security: DSPM, AI, and Encryption
URL has been copied successfully!

Collecting Cyber-News from over 60 sources

Three Keys to Modernizing Data Security: DSPM, AI, and Encryption

by

Andy Stern
in

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Three Keys to Modernizing Data Security: DSPM, AI, and Encryption
andrew.gertz@t“¦
Tue, 01/21/2025 – 14:56

Organizations worldwide face a “perfect storm” of increasing and ever-evolving cyber threats. Internal and external factors are at play, elevating cyber risks and their consequences and mandating new approaches to safeguard data. A recent study based on responses from over 950 IT security professionals, Omdia’s Decision Maker Survey, uncovers the factors and the three keys organizations need to focus on to overcome this perfect storm.
Omdia Report Results - Lynne Murray Thumbnail
Data Security
Cloud Security
Security Intelligence

Lynne Murray Lynne Murray – Director of Product Marketing for Data Security
More About This Author >

Organizations worldwide face a “perfect storm” of increasing and ever-evolving cyber threats. Internal and external factors are at play, elevating cyber risks and their consequences and mandating new approaches to safeguard data. A recent study based on responses from over 950 IT security professionals, Omdia’s Decision Maker Survey, uncovers the factors and the three keys organizations need to focus on to overcome this perfect storm.

The perfect storm

Stringent regulations are everywhere. As data volumes skyrocket, data privacy legislation is rising in kind to ensure data is properly protected. Today, 137 of 194 countries have enacted data privacy legislation, per Omdia. Regulatory compliance is also becoming more stringent, and noncompliance can bring steep penalties and consequences, damaging an organization and its reputation. In 2024 alone, cumulative fines from the General Data Protection Regulation (GDPR) reached almost 5 billion euros, as exhibited in Figure 1.  

Diagram of GDPR cumulative sum of fines

Figure 1. GDPR cumulative sum of fines

(Source: enforcementtracker.com/?insights) A persistent skills gap lingers. As organizations strive to improve data security, a longstanding skills gap remains the most significant impediment. The Omdia study found that 64% of respondents cite a skills gap as the most substantial issue impacting the security function of their organization. Complex, disjointed security infrastructures are commonplace. In the organizational scramble to stay ahead of rapidly advancing cyber threats, multiple tools, duplicate efforts, and labor intensity have created complex, disjointed security infrastructures. This traditional piecemeal approach comes at a high cost, often increasing cyber vulnerabilities. Omdia identified a strong trend toward the adoption of a centralized, integrated security platform. Respondents indicate the top reasons are the need for scalability and flexibility (43%), improvements in the total cost of ownership (40%), better centralized management (40%), and the need to reduce complexity (37%).

Three keys to a future-forward data security strategy

1. A DSPM moves the needle with integrated capabilities and comprehensive encryption.

Organizations must adopt a more comprehensive, holistic security strategy. Data security posture management (DSPM) is a great first step as the foundation of a broader approach. Equally essential capabilities, such as advanced analytics, encryption, access management, event reporting, and incident response, can be integrated into DSPM to more effectively safeguard data. Omdia stresses that as part of a DSPM, encryption is a must-have tool, mandated by most regulations, and an essential best practice for any sound data security practice. Most organizations encrypt on-premises data, but the colossal movement of data to the cloud has created a new and growing gap. According to the Omdia findings, 47% of data in the cloud is deemed “sensitive,” warranting protective measures. However, Omdia respondents show that cloud data encryption rates are dangerously low; less than 10% of enterprises claim to have encrypted 80% or more of their cloud data. Organizations must adopt the encryption of their cloud-based data as a standard and ongoing best practice.

Sensitive Data in the Cloud - Omdia Report Findings

Figure 2: Percentage of sensitive data in the cloud

2. Embrace the strong shift toward unification with a platform-based approach.

In today’s intense cyber threat landscape, hastily acquired or internally developed stop-gap security measures can be problematic. These approaches can elevate vulnerabilities, increase management costs, and cause difficulties in discerning real threats. Driven by the need to reduce complexity, streamline operations, and achieve a single interface, organizations are seeking a unified, platform-based, data-first security approach. Integrated security platforms manage data security across cloud, SaaS, and on-premises environments. Further, they centralize security management and provide a single view of security across the full data estate and the entire organization, streamlining and improving an organization’s data security posture. Omdia’s Decision Maker Survey 2024 reveals data security is emerging as one of the leading areas, with 59% of respondents planning to adopt an integrated security platform in the near future. In comparison, the remaining 41% have not ruled out a platform-based approach as part of their future strategy. Omdia underscores that organizations should validate that integration is part of all-encompassing platforms. An integrated platform is not a collection of point products but rather a united set of components that function together within a single data security platform.

Data Security Analysis - Omdia Report Findings

Figure 3. Data security is a leading area

3. Leverage AI with the proper safeguards to reduce workloads and detect security threats.

With the skyrocketing growth of unstructured data”, estimated by IDC to be 80% of all data, or 175 zettabytes of data (175 with 21 zeros) by 2025″, the use of automation and AI/ML capabilities is vital to reduce workloads and improve detection. These tools are essential to manage the growing volume and complexity of the data landscape. For instance, using AI/ML tools to constantly monitor real-time data access and use by individuals can streamline operations and improve threat detection, threat response, and security analytics and insights, thereby increasing the effectiveness of risk identification and mitigation. Further, as Omdia states, “AI-driven analytics can be used to predict potential security incidents before they occur, providing a proactive layer of protection that complements DSPM.” At the same time, the rapid rise and adoption of generative AI introduce new requirements. For organizations, the proper safeguards”, such as controls or restrictions”, must be put in place. Omdia points out that, fundamentally, “critical business intellectual property and sensitive personally identifiable information must not be exposed to the generative AI domain.”

Take action

The current state of data security, as outlined in the Omdia study, is an urgent call to action for organizations across industries and of all sizes. No one is exempt from the threat and reach of cybercrime, which is growing and morphing at a swift pace. Organizations can bolster their data security posture by focusing on three areas, the keys to a future-forward data security approach:

    Look at DSPM capabilities to move the needle with integrated capabilities and comprehensive encryption. Embrace the shift toward unification with a platform-based approach. Leverage AI with the proper safeguards to reduce workloads and detect security threats.

Next steps

Read the full Omdia report: Future-proofing data security to learn more about Omdia’s research findings, data security outlook, and key recommendations. Join a more in-depth discussion in our webinar 2025 Outlook for Data Security featuring Adam Strange, principal analyst of Data Security at OMDIA, and Terry Ray, Data Security CTO, Thales.

Schema
{
“@context”: “https://schema.org”,
“@type”: “BlogPosting”,
“headline”: “Three Keys to Modernizing Data Security: DSPM, AI, and Encryption”,
“description”: “Discover how DSPM, AI, and encryption are transforming data security strategies, reducing vulnerabilities, and improving compliance.”,
“author”: {
“@type”: “Person”,
“name”: “Lynne Murray”,
“url”: “https://cpl.thalesgroup.com/blog/author/lmurray”
},
“publisher”: {
“@type”: “Organization”,
“name”: “Thales Group”,
“description”: “The world relies on Thales to protect and secure access to your most sensitive data and software wherever it is created, shared, or stored. Whether building an encryption strategy, licensing software, providing trusted access to the cloud, or meeting compliance mandates, you can rely on Thales to secure your digital transformation.”,
“url”: “https://cpl.thalesgroup.com”,
“logo”: “https://cpl.thalesgroup.com/sites/default/files/content/footer/thaleslogo-white.png”,
“sameAs”: [
“https://www.facebook.com/ThalesCloudSec”,
“https://www.twitter.com/ThalesCloudSec”,
“https://www.linkedin.com/company/thalescloudsec”,
“https://www.youtube.com/ThalesCloudSec”
]
},
“datePublished”: “2025-01-21”,
“mainEntityOfPage”: “https://cpl.thalesgroup.com/blog/data-security/three-keys-modernizing-data-security-dspm-ai-encryption”,
“image”: “https://cpl.thalesgroup.com/sites/default/files/content/blog/images/lynne-murray-omdia-report-social.jpg”
}

studio
THALES BLOG

Three Keys to Modernizing Data Security: DSPM, AI, and Encryption

January 21, 2025

First seen on securityboulevard.com

Jump to article: securityboulevard.com/2025/01/three-keys-to-modernizing-data-security-dspm-ai-and-encryption/

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link

also interesting:

  1. 25 on 2025: APAC security thought leaders share their predictions and aspirations
  2. The 7 most in-demand cybersecurity skills today
  3. Security leaders top 10 takeaways for 2024
  4. 9 VPN alternatives for securing remote network access