We’re excited to bring back Transform 2022 in person on July 19 and virtually from July 20-28. Join leaders in AI and data for in-depth discussions and exciting networking opportunities. Register today!
Today’s data security provider, Titaniam Inc.., released the State of Data Exfiltration and Extortion report, which found that while more than 70% of organizations have an existing set of prevention, detection and recovery solutions, nearly 40% have been affected by ransomware attacks in the past year.
The results suggest that traditional data security tools, such as secure backup and recovery tools, solutions offering encryption at rest and in transit, tokenization and data masking, fail to protect data from malicious users. against ransomware threats 60% of the time.
Importantly, the research underscores that organizations cannot afford to rely solely on traditional data security tools to defend against data exfiltration and double extortion ransomware attacks, they must be able to encrypt data. in use to stop malicious actors in their tracks.
The problem with traditional data security tools is not that they lack robust security measures, but that attackers can circumvent these controls by stealing credentials to gain privileged access to data assets. critical data.
“These traditional tools are ineffective against ransomware and extortion because the most common attacks involve attackers who ‘hack’ but rather attackers who ‘log in’ using stolen credentials. When this happens, traditional security tools see attackers as valid users,” said Titaniam Founder and CEO Arti Raman.
“In this scenario, as attackers roam the network, they can use their credentials to decrypt, detokenize, and unmask data just as a legitimate user or administrator would do in their day-to-day work. Once the decrypted data, attackers exfiltrate it and use it as leverage for extortion,” Raman said.
Raman notes that the shift to exfiltration happened in mid to late 2020, when cybercriminals started integrating data exfiltration to gain more leverage on victims using backup and recovery solutions. recovery.
The only way to defend against the intrusions typical of modern ransomware attacks is for organizations to deploy data security solutions with in-use encryption. In-use encryption can help hide data so that it cannot be exfiltrated by attackers who have gained privileged access to corporate resources.
The data encryption market
The need for stronger data protection has contributed to a significant growth in the data encryption marketwhich researchers valued at $9,434.76 in 2020 and expect to reach a value of $42,267.99 by 2030, as more organizations seek to prevent unauthorized users.
Gartner also predicts that data encryption will become more popular in the future, suggesting that by 2023, 40% of organizations will have a multi-site, hybrid, multi-color data encryption strategy, up from less than 5% today.
Titaniam is one of the latest entrants to the market, providing companies with a data security platform with in-use encryption to protect it from unauthorized users who have been granted privileged access, and raising $6 million as part of a seed funding round early this year.
It competes with providers like IBM Security Guardium Data Encryption, which provides enterprises with encryption, tokenization, data masking and key management capabilities to protect data in cloud, virtual and on-premises environments. IBM recently announced an increase in the fourth quarter revenue of $16.7 billion.
Likewise, Fortanix holds a strong position in the market with a Runtime Encryption platform that uses encryption to protect data from exposure in the clear. Fortanix recently raised $23 million in a Series B round funding cycle in 2019.
However, the main differentiator between Titaniam and other data encryption providers is that it does not rely on tokenization. This means that in-use encryption does not disrupt full search and analysis applications, providing a response that balances greater security controls without hampering the user experience.
VentureBeat’s mission is to be a digital public square for technical decision makers to learn about transformative enterprise technology and conduct transactions. Learn more about membership.