Report: Data Security Tools Fail Against Ransomware 60% of the Time

Highlights:

• Enterprises must be able to encrypt data-in-use to cover their trails and defend against information exfiltration and double extortion ransomware attacks.
• The problem with traditional information security tools is not that they lack effective security controls but that criminals may get around them by obtaining credentials to gain access to sensitive data.

Today, information security provider Titaniam Inc. released the State of Information Exfiltration & Extortion Report, which found that while more than 70% of organizations currently have a set of prevention, detection, and response options, almost 40% have experienced ransomware attacks in the past year.

The findings suggest that traditional data security tools, like secure backup and recovery tools, solutions that offer encryption at rest and in transit, tokenization and data masking, are failing to protect enterprises’ data against ransomware threats 60% of the time

The results show that 60 per cent of the time, traditional information security tools – including safe backup and restoration tools, solutions that provide encryption at rest and in transit, tokenization, and data masking – fail to protect businesses’ data from ransomware threats.

Above all, the investigation shows that enterprises cannot afford to rely just on traditional information security tools to defend against information exfiltration and double extortion ransomware attacks; they must be able to encrypt data-in-use to prevent malicious actors in their tracks.

The problem with traditional information security tools is not that they lack effective security controls but that criminals may get around them by obtaining credentials to gain access to sensitive data.

The founder and CEO of Titaniam, Arti Raman, stated, “These conventional instruments are ineffective towards ransomware and extortion as a result of the most typical assaults are to about attackers “hacking” in however reasonably attackers “logging in” utilizing stolen credentials. When this occurs, conventional safety instruments view attackers like they might legitimate customers”.

Raman stated, “On this state of affairs, as attackers transfer by the community, they will use their credentials to decrypt, detokenize, and unmask information like an authentic consumer or administrator would as they went about their day-to-day work. As soon as the info has been decrypted, attackers exfiltrate it and use it as leverage for extortion,”.

Raman believes that the shift towards exfiltration happened around mid to late 2020 when cybercriminals began incorporating information exfiltration to realize extra leverage over victims by utilizing backup and restoration options.

The one solution to defend against the intrusions typical of contemporary ransomware assaults is for organizations to deploy information safety options with encryption-in-use. Encryption-in-use may also help obscure information so that attackers, who’ve obtained privileged entry to enterprise sources, are unable to exfiltrate it.

The info encryption market

The necessity for enhanced information safety has contributed to major development within the data encryption market, which was valued at USD 9,434.76 in 2020 by researchers. The market is anticipated to reach USD 42,267.99 by 2030, as organizations aim to keep unauthorized users at bay.

Gartner, too, has predicted that the data encryption market will become more popular. According to it, by 2023, 40 per cent of enterprises will use multisite, hybrid, and multi-colour information encryption techniques, up from less than five per cent currently.

One of the newest players on the scene, Titaniam, raised six million dollars as part of a seed funding round at the beginning of this year. The firm provides businesses with an information security platform with encryption-in-use to protect data from unauthorized users who have obtained privileged access.

It faces competition from vendors like IBM Safety Guardium Information Encryption, which offers businesses information security tools like information masking, tokenization, and key management to protect data in the cloud, digital, and on-premises environments.

Recently, IBM reported increased fourth-quarter sales of USD 16.7 billion.

Similarly, Fortanix holds a significant position in the market with a Runtime Encryption technology that uses encryption to prevent information from being revealed in plaintext. In 2019, a Series B fundraising round included UDD 23 million in funding for Fortanix.

However, the main distinction between Titaniam and other information encryption providers is that it is not dependent on tokenization. This suggests that encryption-in-use doesn’t interfere with fully functional search and analytics features, providing a solution that balances enhanced security measures without compromising the user experience.