Section 4
From Zero Trust to quantum trust
Cloud security transforms to meet new challenges
of organizations have a reactive cybersecurity posture.
of organizations face between $100,000 and $500,000 in losses for every hour of unplanned downtime.
business executives say data and cloud security is stifling innovation.
of organizations acknowledge they are not ready for quantum cryptography incursions.
Current cybersecurity measures are stifling innovation and cannot handle the emerging technologies organizations are investing in. Beyond adapting to new threats, this shift is about staying ahead in the digital landscape. Organizations need security that enables rather than limits progress.
“Generative AI makes lower-skill hackers more dangerous because it augments their [capabilities],” says Eurostar’s Laurent Bellan. The Eurostar team also uses AI for detection and defense by automating the analysis of data, enabling better threat detection and managing vulnerabilities. “I can’t wait for it to help with automating patching," says Bellan. "We’re actively looking at AI for this so we can take advantage as soon as it’s possible.”
Forty-one percent of organizations say they risk losing between $100,000 and $500,000 for every hour of unplanned IT downtime. This figure varies widely across the three global regions: 56% of APAC organizations say this compared with 43% of U.S. organizations and 36% of European organizations.
However, 85% of organizations say they take a reactive approach to cybersecurity and only respond to incidents when they happen.
In 2023, a similar number — 86% — admitted that responding to breaches took priority over prevention.
Establishing a more proactive approach to cybersecurity will help organizations stay ahead of attacks and avoid downtime and loss of earnings.
Business executives and IT executives disagree about which cybersecurity measures are most effective and critical.
Data is a key area where decision-makers are looking for more flexibility. Almost two-thirds of business executives (63%) say that outdated or rigid data security infrastructure prevents them from effectively accessing, sharing and analyzing data (compared with 35% of IT executives).
A similar proportion of business executives (68%) say their cloud security policies and concerns significantly slow down innovation and technology adoption (compared with 37% of IT executives).
But generative AI is delivering exciting use cases that improve cybersecurity and, ultimately, create more access, says Rahul Patel, CIO at KBC Bank USA. “Cybersecurity must always be a priority, but it's hard to gain a full picture when there are so many different data sources.
“Newer generative AI technologies can harmonize data and then build the visibility needed to implement the proper safeguards.”
Innovation Leaders are more likely to consider all areas of data-related risk and organizational chaos factors in their organizations as very high risk. They are particularly concerned about data security beyond the boundary of the organization and the risk from emerging technologies: 44% see third-party or vendor data exposure and lack of readiness for post-quantum data protection as very high-risk areas, and 40% say the same about edge computing data exposure (Figure 10).
Figure 10:Innovation Leaders are more likely to view certain data-related risks and organizational chaos factors as very high risk
Q: How do you view the following data-related risk and organizational chaos factors in your organization? (Very high risk)
Although most executives say their approach to cybersecurity is reactive, they are starting to move toward a more proactive approach: 62% say they have already adopted or are in the process of adopting a Zero Trust system for their organizations — a proactive approach that has grown in popularity as computing moves beyond the network perimeter.
This sits alongside a reactive approach: 61% say that adopting cyber recovery, which restores critical data and systems after a cyber attack or data breach, is on their organization's agenda. Just 43% say they are using AI as a cybersecurity defense measure. As organizations rapidly advance their AI adoption, they are missing out on a valuable way to boost their cybersecurity (Figure 11).
Figure 11:Proactive cybersecurity is growing in popularity
Q: Is adopting the following cybersecurity solutions on the agenda for your organization? (Already adopted or in the process of adopting)
Organizations recognize the need to do more to prepare, but only around half have already begun to take action:
14% say that their current IT infrastructure is ready to support post-quantum cryptography technologies.
71% say that their cybersecurity readiness is currently insufficient to withstand the challenges posed by quantum cryptography incursions.
52% say they are in the process of working toward post-quantum cryptography solutions.
