SOURCE: Protegrity
December 13, 2011 09:05 ET
Coming Year Will Bring Focus on Value-Based Data Security and Increased Adoption of Tokenization Technologies
STAMFORD, CT--(Marketwire - Dec 13, 2011) - The scale and frequency of data breaches in 2011 trended upwards despite high levels of spending on data security. 2011 also saw an increase in attacks focused on personally identifiable information (PII), such as email addresses and location, in addition to financial data. These data breaches and new, creative attacks clearly signal the need for a different approach to data protection in 2012. Based on its engagements with more than 200 global enterprises, Protegrity USA, Inc., a leading provider of end-to-end data security solutions, today unveils its enterprise security predictions for the coming year.
Topping the list is Protegrity's prediction that enterprises will recognize security is about more than compliance and start to move away from the knee-jerk, "pay what it costs" approach. Security measures will begin to be evaluated in much the same way as other company expenditures, with cost vs. benefit ratios top of mind. These moves will be driven at least in part by an increasing number of security-related class action suits and new legislation focused on data protection in the U.S. and Europe, as well as the ever-present need to be sensitive to expenses.
"In 2012, we will see progressive companies evolving their security approach from focusing on the bits and bytes of data protection to securing information across the entire customer relationship cycle," said Suni Munshani, CEO of Protegrity.
Specifically, Protegrity expects to see:
- End-to-end data protection - Instead of protection practices that focus on certain types of data (for example, contents of data warehouses, point of sale, or data in transit), organizations and vendors alike will develop and support practices to secure the end-to-end customer data lifecycle. As a result, cost metrics will begin to focus more on "cost per customer" than on cost per amount or type of data.
- Mobile Payment Protection - Data must be protected regardless of the customer's location and the devices used to access it. Because of this, tokenization will begin to emerge as critical for mobile payment protection, given its far lower vulnerability to opportunistic "drive-by" data theft. The meaningless symbols used in tokenization to replace credit card and other payment data have no value to cyber thieves.
- Data in the Cloud - If cloud data can't pass standard audit tests, the cloud will become less and less attractive as a storage medium to enterprises managing customer and other personally identifiable data. Security concerns could be the reason cloud hits a wall in 2012.
- Decline in log monitoring as a security strategy - Monitoring is clearly neither cost effective nor useful as a security tool, as a large percentage of enterprises with breaches in 2011 were monitoring for unauthorized activity at the time of the attack. Proactive methods such as tokenization and predictive behavioral analysis will replace monitoring in 2012.
"Tokenization will become more attractive to service businesses such as hospitality, where PCI compliance is widely required but where the appropriate resources to do a comprehensive job of protecting data are often lacking," says Ulf Mattsson, CTO of Protegrity. "Because tokenization can reduce the scope of compliance by 50 percent or more, the savings can be significant for these businesses."
About ProtegritysHeadquartered in Stamford, Conn., Protegrity provides high performance, infinitely scalable, end-to-end data security solutions that protect sensitive information across the enterprise from the point of acquisition to deletion. The company's award-winning software products span a variety of data protection methods, including end-to-end encryption, tokenization, masking, and monitoring and are backed by several important data protection technology patents. Currently, more than 200 enterprise customers worldwide rely on Protegrity's comprehensive data security solutions to enable compliance for PCI-DSS, HIPAA and other data protection mandates while protecting sensitive data, brand, and business reputation. For more information, please visithttp://www.protegrity.com.
