Data Security Index

Trends, insights and strategies

to secure data
 October Data Security 2
2023 Index

Foreword

In a time being defined by a surge of data, it has become increasingly

clear that an organisation’s data is nothing less than its lifeblood.
The wealth of data created and used by organisations powers critical
operations, informs strategic and global decision-making and shapes
the possibilities for their futures. Data is not merely a resource – it is
the beating heart of modern enterprises.

Yet, with this increased reliance on data comes the stark reality that
vulnerabilities in the digital shadows are real and quickly expanding.
Cyber threats, data breaches and insider risk incidents are no longer
rare occurrences; they are pervasive and escalating, posing risks
to organisations that depend on data. Of the decision makers we
surveyed recently, 89% said they view their data security posture
as critical to their overall success.

In this white paper, we embark on an exploration of that fundamental

imperative: the protection of your organisation’s data. My team and
I are excited to share our findings with you – and hopefully start
a dialogue around how to continue to push data security forward
collectively toward excellence. Our learnings exemplify how data
security is at a critical juncture – while security decision makers agree
it’s essential to the safety of their data, and most say they’re confident
in what they’re doing, they’re simultaneously experiencing a plethora
of data security incidents and challenges. And, 80% of the leaders we
spoke to recognise that a best-in-suite, integrated approach is
superior to point-solutions, but most companies are still using
a fragmented, multi-tool system to protect their data – which is
often resulting in more security incidents instead of fewer.

We welcome you to read and share this latest report and treat it as the
beginning of new conversations with our teams on how we can best
help secure our collective future.

Rudra Mitra
Corporate Vice President
Microsoft Data Security and Compliance
 October Data Security 3
2023 Index

Introduction

Preventing data breaches and other security

incidents continue to be a constant concern
for security and risk decision makers – and
a cornerstone of any cybersecurity program –
because a single breach can cause significant
reputational and financial damage.
Organisations are tasked with protecting
a wide range of sensitive data – including
employee and customer information,
intellectual property, financial forecasts
and operational data.

To understand current data security practices

and trends as well as identify opportunities
for organisations to enhance data security,
Microsoft commissioned an independent
research agency, Hypothesis Group, to
conduct a multi-national survey among over
800 data security professionals. This report
presents five key findings from the research
including trends, insights and strategies to
secure data.
Key Findings
1 2 3
Decision makers think
they’re protected, but
reality doesn’t match
perceptions.
While most decision makers
say they are satisfied and
confident with their data
security solutions, they’re
still experiencing an average
of 59 data security incidents
a year, with costly impacts.
October
2023
Having more tools
does not mean
greater data security
or efficiency – it’s the
opposite.
80% of decision makers
agree that comprehensive,
integrated solutions are
superior to manual, best-of-
breed solutions – and yet
organisations’ approach
to tools continues to be
fragmented, using an
average of 10+ data security
tools. But those with the
most tools also experience
more data security incidents,
suggesting that the greater
the tool proliferation, the
weaker the security.
Data Security 4
Index
Organisations continue
to be plagued by the
stress of external and
internal data security
incidents, especially
in business data.
50% of organisations
surveyed have experienced
a ransomware or malware
attack in the past year – and
many decision makers don’t
believe their organisation is
fully prepared to prevent and
address future ones. Internally,
malicious insiders are a top
concern. Additionally,
organisations are highly
concerned about the
vulnerability of their business
data. This again underscores
the need for a security
platform that addresses
risks comprehensively.
Key Findings
October Data Security 5
2023 Index

4 5
Organisations need
Cloud and AI to drive
Automation and AI are
promising avenues of
digital transformation – greater protection.
but they’re also the
Organisations want their
most vulnerable teams to spend less time on
data locations. detection and more time on
prevention. Automation can
Cloud applications and AI allow teams to focus more
technology have become on proactive measures, while
essential for organisations’ using AI for data security
collaboration and productivity – helps organisations be more
however, this evolution has strategic and get smarter
also created more dynamic about future threats.
and multifaceted risks. As
organisations embrace AI,
enhancing data security
to enable responsible and
safe use becomes critical.
 October Data Security 6
2023 Index

Decision makers think

they’re protected,
but reality doesn’t
match perceptions.

Decision makers think
they’re protected, but reality
doesn’t match perceptions.
On the surface, decision makers project high
levels of confidence and satisfaction with
their data security solutions, the majority
of organisations agree their data security
controls are sufficient in preventing data from
being breached, they feel they know where
most of their data resides and that they
can detect a majority of risks around data.
At the same time, organisations continue
to experience a substantial volume of data
security incidents – an average of 59 in the
past 12 months, with a fifth of those being
considered ‘severe’. The impact of these
incidents is widespread as on average,
organisations estimate that the total financial
cost of their most severe data security incident
is around USD 244K – meaning annual
incidents can cost up to USD 15 million.
On top of these costs, four in 10 decision
makers also say the operational cost to
recover for a data security incident and loss
of business from reputational damage is of
high concern.
59
Average number of data
security incidents in the
past 12 months
October Data Security 7
2023 Index
In addition, 92% face challenges, primarily
in the areas of cost, integration and time to
implement, which inhibit their ability to further
invest in data security, underscoring the need
for more budget-friendly and labour-efficient
solutions.
The perception of confidence in data security
readiness differs from the reality of incidents
organisations are experiencing. Even though
it is important for organisations to know
where data is located and detect risks, these
measures individually, or separately, are not
enough to help organisations prevent the
incidents that keep data security and risk
decision makers up at night.
As one CISO (Chief Information Security
Officer) in financial services puts it, “I can’t
go tell my board of directors ‘I secured the
data, I just didn’t protect it’… the last thing
we want to see is our bank failing to deliver
on the front page of the Wall Street Journal.”
USD 15M
UP TO
Annual cost of severe
security incident
 October Data Security 8
2023 Index

Having more tools

does not mean
greater data security
or efficiency – it’s the
opposite.
 October Data Security 9
Having more tools does not 2023 Index

mean greater data security or

efficiency – it’s the opposite.

Organisations are coming to realise that years
of a point solution approach has created gaps
in visibility and efficiency due to siloed data
security tools. That trend is now giving way
to a desire to have an integrated solution
for data security with 80% agreeing that
a comprehensive data security platform
with integrated solutions is superior to using
multiple best-of-breed solutions that have
to be manually integrated and managed.
Yet even though the vast majority consider
integrated solutions superior, data security
tool usage is prolific and fragmented.
As a result, organisations report using 10 data
security tools on average to address data
security risks, including Data Loss Prevention,
Information Protection, Insider Risk
Management, Security Information & Event
Management (SIEM), Cloud Access Security
Broker and more. For organisations with over
5,000 employees, the average number of tools
is even greater.
Having more tools may be creating a false
sense of security, as those who use more tools
(16+) are more confident in their data security
posture compared to those who use fewer
tools (61% versus 56%).

However, research contradicts that sense

of security, as organisations with 16 or more
tools, also experienced more data security
incidents in the past year – an average of
133 – compared to 48 incidents for
organisations with fewer tools.

Agree that a comprehensive security platform

80% with integrated solutions is superior to using

multiple best-of-breed solutions that have to
be manually integrated and managed.

2.8× For organisations with 16 or more tools

More data security
(compared to organisations with fewer tools)
incidents in the past year

The case for greater data security through more
integrated solutions and fewer tools becomes
even stronger when looking at the sentiments
and practices of those who prefer best-of-breed
solutions or more tools.
“How is data going to be
gathered, aggregated and used
from quite a few systems? A lot
of different data points need to
be put together in one ecosystem
for it to really work. Or else you
really have a Swiss cheese
version of data security.”
VP of IT
Manufacturing/Production
October Data Security 10
2023 Index
First, multiple disparate data security tools
can lead to gaps in visibility and more shadow
data. In fact, those who are concerned about
shadow data are more likely to prefer
best-of-breed solutions. This is most likely
because organisations with a best-of-breed
approach need to take more effort to gain
a comprehensive visibility into their data
security posture.
Second, managing siloed solutions brings
more complexity to data security teams, as
each disparate solution requires dedicated
staff, endpoint agent installation and
maintenance and various new processes.
Take alerts review and triage, one of the tasks
that need staff and resources, as an example.
An increasing number of alerts means extra
efforts required of data security teams when
managing isolated solutions. Organisations
with more tools receive an average of 96 data
security alerts per day, while teams with fewer
tools receive less than half that amount, with
44. In addition, they aren’t able to review as
many of these alerts as teams with fewer tools
can (61%, compared with 68%). This often also
results in organisations with more tools being
more reactive compared to organisations who
use a lower volume of tools.
 October Data Security 11
2023 Index

Lastly, more tools also indicate that
organisations must exert extensive effort
to integrate insights and remediation plans,
and information can become lost in translation.
When asked about the top data security
challenges, the cost of implementing or
maintaining data security solutions and
challenges integrating data security solutions
are ranked as the top two.
“Right now, we’re crawling. Every one of the
systems that we have, they all have their own
portals, their own tools, their own ways of dealing
with things. Each person goes their own way,
where they’re the expert. Then they all get back
together and decide what is going on, and we
address it from there. So, it’s a bit of manual work
at this point,” stated a Director of Infrastructure
& Operations in manufacturing and production.

This translates to longer, slower processes,
with 37% of those who use 16 or more tools
reporting needing one month or longer
to complete a data security investigation
compared to only 21% of those with fewer tools.
Ultimately, by choosing to continue with multiple
solutions, organisations are ignoring their own
talk of understanding that integrated solutions
are superior and walking in the opposite
direction – costing them time and money.

OUTCOMES OF THOSE WHO USE FEWER (<16)

VERSUS MORE (16+) DATA SECURITY TOOLS Low Volume High Volume
of Tools of Tools

Number of data security incidents in the past 12 months 48 133

Proportion of severe data security incidents 19% 26%

Our current data security strategy is more reactive 31% 40%

Challenged with integrating solutions 24% 39%

Data security team spends most time on response 19% 26%

We are confident with our data security posture 56% 61%

Number of alerts received per day on average 44 96

Proportion of alerts we can review per day 68% 61%

One month or longer needed

21% 37%
to complete a data security investigation
 October Data Security 12
2023 Index

Organisations continue
to be plagued by the
stress of external and
internal data security
incidents, especially
in business data.

Organisations continue to be
plagued by the stress of external
and internal data security incidents,
especially on business data.
As factors around data – including the people
who interact with data, activities around data
and devices and apps used to process data –
are constantly evolving, data security incidents
and data breaches can happen anytime and
anywhere. And, these threats come from both
external attackers as well as trusted personnel,
including employees, contractors and partners.
Whether maliciously or inadvertently, all players
can cause data security incidents – which means
there’s a constant need to protect across
a multitude of areas.
A VP of IT in financial services said, “What you
are trying to protect against is always changing.
It’s a moving target. It’s always going to be
evolving, changing and flexible. What you are
protecting and where it lives is only going to
get more varied.”
While data security incidents can come from
various sources, the external threat of
malware or ransomware incidents – instances
where malicious software infiltrates a system,
providing attackers with unauthorised access to
systems or networks – are far and away the most
common, with 50% of organisations surveyed
having experienced at least one in the past year.
October Data Security 13
2023 Index
50%
Had data security incident
caused by malware
or ransomware
in the past year
In addition, these attacks are where
organisations feel the most vulnerable, with
41% saying they feel least prepared to handle
future malware or ransomware attacks in the
next year. This sense of vulnerability is even
higher among those that prefer a best-of-
breed approach – 44% feel unprepared for
an attack of this nature, compared to only
36% of those who prefer an integrated solution.
Securing against and preventing insider risk
is also top of mind for decision makers. 35%
say they need to shore up defences against
malicious insiders and compromised accounts,
and a third are concerned with inadvertent
insider incidents. Although malicious insider
incidents may not be the leading cause of data
security breaches, they are the second most
common type of incident decision makers
feel least prepared to prevent.
 October Data Security 14
2023 Index

“At least once a month,

I get a call from a panicked
director... ‘we’ve had an Insiders are trusted individuals who
event, I’ve uncovered an typically have been granted access to,
or possess knowledge of, company
event or the threat team has resources, data or systems that are
uncovered an event.’ Some not generally available to the public.
of them are unintentional, Consequently, the data security risks
associated with insiders tend to be more
some are people not elusive and difficult to detect. As Bret
knowing or understanding Arsenault, the CISO of Microsoft,
what their privileges allow.” indicated “Ultimately, it doesn’t matter if
the breach was intentional or accidental.
US Government CISO Insider risk programs should be part of
every company’s security strategy.”

DATA SECURITY INCIDENTS SUMMARY

Most common incidents Least prepared to prevent

Causes of data security incidents in the past 12 months in the next 12 months

Malware or ransomware 50% 41%

Compromised accounts 38% 35%

Denial-of-service (DoS) attacks 35% 33%

Negligent insiders 32% 29%

Inadvertent insiders 31% 32%

Malicious insiders 31% 35%

Physical property 29% 29%

 October Data Security 15
2023 Index

The data security solutions that organisations
choose must also work for a variety of sensitive
data, including high-value business data,
operational data and personal data. During
data security incidents in the past 12 months,
74% of organisations have had business data
exposed, 65% saw operational data
compromised and 58% experienced personal
data being made vulnerable. Among the
various types of data, intellectual property,
IT and network design and PII has been
compromised or exposed most often.
Looking ahead, 77% of organisations perceive
business data, such as intellectual property
and source code, as the most vulnerable.
This is primarily because business data plays
a crucial role in establishing competitive
advantages and revenue generation.
However, identifying and classifying such
data can be challenging, as traditional pattern
recognition, regular expression or function
match technology may not effectively identify
content that lacks specific string formats or
keywords. In turn, organisations need more
advanced technologies to help discover and
protect those vulnerable sensitive data.

TYPES OF DATA MOST AT RISK IN THE NEXT 12 MONTHS

77% Business Data 64% Operational Data 63% Personal Data

Personal Identifiable
Intellectual property 30% IT and network design 29% 31%
Information (PII)

Human resources
Source code 28% Financial statements 18% information 21%
(payroll, resume, etc.)

Payment card industry

Business plans 27% Sales and revenue reports 15% 18%
(PCI) data

Protected Health
Trade secrets 24% Procurement & invoice 12% 18%
Information (PHI)

Legal documents/
Merger & acquisition files 20% 12% Credentials 17%
agreements

Manufacturing
Construction specifications 18% 11%
processes/batch files
 October Data Security 16
2023 Index

Organisations need
Cloud and AI to drive
digital transformation –
but they’re also
the most vulnerable
data locations.
 October Data Security 17
Organisations need Cloud and 2023 Index

AI to drive digital transformation

– but they’re also the most
vulnerable data locations.
Collaboration through cloud applications and
platforms, combined with new AI technology,
significantly enhances employee productivity
and enables flexible work arrangements, making
cloud applications and AI technology essential
for organisations. On average, organisations
now utilise 147 public cloud services spanning
SaaS, PaaS and IaaS.1 And, 66% of organisations
have developed an AI strategy, with 36% already
implementing it.2 However, this evolution has
created more dynamic and multifaceted risks,
due to the difficulty of clearly defining data
boundaries across various environments.
1. Measuring Risk and Risk Governance, Cloud Security Alliance (CSA), 2022
2. Microsoft data security AI research, Hypothesis, Mar 2023
It’s now even more crucial to have the
right data security solution for these high-
productivity data locations. In the past
12 months, 42% of organisations reported
security incidents in cloud storage and
31% in emails, instant messaging, or online
meeting tools. Incidents seem to be most
common where the most productivity and
collaboration happen.
Managing these types of incidents takes
resources, and 79% of organisations report
that their data security team needs more
people to effectively manage critical data
security responsibilities. However, among the
organisations who claim to need more people,
the majority (57%) prefer a best-in-breed
approach. This preference highlights that
organisations that use more solutions may
struggle more to identify the true risks among
the myriad user activities.

DATA LOCATIONS SUMMARY

Data Locations Compromised in past 12 months Most at risk

Cloud storage (e.g., Box, OneDrive, Google Drive) 42% 54%

Emails/Instant messaging/Online meeting tools 31% 39%

Platform-as-a-Service (PaaS) 29% 34%

Infrastructure-as-a-Service (IaaS) 28% 36%

AI (e.g., ChatGPT, Bard, etc.) 27% 38%

SaaS-based databases/data lakes 27% 41%

Endpoints/devices 25% 36%

On-prem repositories/file shares/databases 24% 28%

Shadow data 21% 23%

Line-of-business applications 17% 25%

Developer tools 16% 23%

 October Data Security 18
2023 Index

With over a third of organisations
implementing AI strategy, and more on the
way, AI is being adopted at an unprecedented
rate, much speedier than cloud and email
adoption in the past. As organisations
embrace AI, enhancing data security to enable
responsible use and prevent risk becomes
essential. AI is considered a top at-risk location
for data security incidents, compared to other
locations and 27% of organisations have
experienced an AI data security breach.
Organisation’s concerns around the risks
of using AI centre around a lack of control
over data shared with AI, lack of controls to
detect and mitigate risky use of AI, lack of
transparency around how generative AI
models are trained and leak of confidential
information through AI.
“AI is good for productivity and efficiency,
but it has potential security and data risks.”
An enterprise a Security Decision Maker stated.
While concerns around AI exist, decision makers
can also see the potential, especially as suppliers
in the market are developing innovations to help
empower businesses through responsible AI use.
To further utilise AI, however, organisations
report top controls they need are to detect
malicious or risky content in AI, encrypt, mask
or anonymise data before it can be uploaded to
AI, and identify sensitive data generated by AI.
TOP FIVE DATA SECURITY
CONTROLS NEEDED FOR AI

Detect malicious or
1
risky content in AI

Encrypt, mask or anonymised data

2
before it can be uploaded to AI

Identify sensitive data

3
generated by AI

Prevent sensitive data

4
from being uploaded to AI

Detect model or
5
data manipulation in AI
 October Data Security 19
2023 Index

Automation and AI
are promising avenues
of greater protection.

Automation and AI
are promising avenues
of greater protection.
In an ideal world, without constraints based
on organisational priorities or budget, half of
organisations would like to be more proactive
around data security management, spending
more time on things like discovery of sensitive
data and associated risks around it and
prevention of data security incidents. Currently
though, more than half of organisations spend
the most time focusing on reactive measures
like detection of incidents, response and
investigations. And this detection and response
to data security incidents is time-intensive –
it takes most organisations about a month to
resolve a data security incident and for some,
resolution can take up to six months.
OUTCOMES OF ORGANISATIONS THAT ARE
MORE PROACTIVE VERSUS REACTIVE
Average cost impact of a data security
incident in the past 12 months
Complete a data security investigation
in less than a month on average
Our defence controls are sufficient
in preventing data breaches
October Data Security 20
2023 Index
The benefit of adopting a more proactive
strategy is evident, as the organisations
surveyed that are more proactive already
experience less costly data security incidents,
are more likely to be able to investigate those
incidents in less than a month and are more
likely to believe their defence controls are
sufficient in preventing data breaches.
While organisations are aware that proactive
data security measures can help reduce data
security risks, they are not making progress
in implementing those measures. For example,
those seeking to be more proactive by
allocating more time to prevention are more
likely to choose best-of-breed solutions, which
actually demand greater efforts in handling
reactive measures when bringing in detection
signals and response controls together.
More Proactive More Reactive
USD 207k USD 330k
80% 68%
77% 68%
 October Data Security 21
2023 Index

As resources and staff are limited and

TOP FIVE AREAS DATA SECURITY TEAMS
the allocation of effort between activities
PREFER TO AUTOMATE/ALLEVIATE
might not be ideal, organisations are
looking for technology to help them
to set aside more time for proactive Reactive
activities. Automation is one way for Creating automated workflows for
1
organisations to make time for a more incident management and response
proactive approach to data security. 74%
of organisations surveyed would prefer
semi or fully-automated risk mitigation,
which allows security teams to minimise 2 Creating data security reports
the impact of potential data security
incidents ahead of time over manual
Reactive
reviews. Furthermore, organisations
recognise many other tasks that could Responding to and containing
3
benefit from automation, such as data security incidents
creation of data security reports,
automation of incident management
workflow and the response to and Routing incidents to the right teams
investigation of incidents. Most of the 4
(e.g., SOC, legal, HR) during investigations
top tasks that security teams want to
automate are reactive measures. By
automating these tasks, organisations
can alleviate the burden on their data 5 Investigating data security incidents
security teams, enabling them to
embrace a more proactive stance.

"There is so much risky data

to manually evaluate. AI can
help in speeding up our team’s
response times and protect
data as we are under-resourced.”
UK Security Decision Maker
 October Data Security 22
2023 Index

Using AI for data security can also help

organisations be more strategic and get TOP SCENARIOS WHERE AI IS USED
smarter about future threats. The technology
speeds up the response to detected incidents,
Automatically block
buying data security professionals time to
inappropriate sharing of data
investigate further. Similar to automation,
organisations cite many scenarios where
AI can help provide stronger security, thus Detect critical data security
saving their team’s time. Top scenarios risks/anomalous data activities
for AI use include automatically blocking
inappropriate sharing of data, detecting critical Recommendations to better secure
data security risks/ anomalous data activities your data environment
and investigating potential data security
incidents.
Investigate potential
By leveraging the benefits of AI and automation data security incidents
and moving towards more integrated solutions,
organisations can embrace a more proactive
data security strategy and set themselves up Finetune data security policies
for a more secure future.
 October Data Security 23
2023 Index

Final Recommendations

Adopt an integrated platform to

strengthen data security posture

Guard against data security incidents

from both outside in and inside out
with a defence-in-depth approach

Upgrade your data security

strategies with AI and automation
Final Recommendations
October Data Security 24
2023 Index

Adopt an integrated platform

to strengthen data security posture

According to the findings in this research, fewer solutions can bring more security. It may
seem counter-intuitive, but organisations must combat the false sense of confidence that
arises from a multitude of isolated solutions. Supplier consolidation offers a strategic
approach that not only reduces costs, but also enhances security.

Data security decision makers can initiate this transformation by empowering their teams
to dedicate more time to strategic work like researching and planning for new security
controls and optimising security policies – something 84% of decision makers agree they
want to be doing. This process involves replacing legacy siloed solutions, which are often
considered ‘best-of-breed’, but fail to integrate effectively with other tools.

Decision makers can foster close collaboration with their teams to establish data security
program goals and key performance indicators (KPIs). They can then progress by defining
solution requirements and identifying non-negotiable features. This approach empowers
them to pinpoint vendors capable of providing tools that align with their overarching
objectives. Crucially, it promotes a forward-thinking mindset and helps teams avoid
becoming overly fixated on existing practices or isolated use cases, allowing them to
implement necessary changes towards a more integrated approach.

An integrated data security platform should empower security teams to do all these
critical tasks seamlessly:

1. Discover and protect sensitive data within their digital landscape.

2. Detect critical risks associated with this data.

3. Prevent unauthorised use of sensitive data while not

impacting legitimate business activities.

By implementing an integrated data security strategy, organisations can achieve a higher

level of protection while simultaneously simplifying their security infrastructure.
Final Recommendations
October Data Security 25
2023 Index

Guard against data security incidents from both outside

in and inside out with a defence-in-depth approach

Data security incidents commonly result from external attackers, malicious insiders or
inadvertent insiders. Organisations must take measures to safeguard their data, both
by preventing unauthorised access from external threats and by mitigating the risk of
insider theft or accidental data exposure.

To tackle these challenges, organisations can adopt a defence-in-depth approach to

data security. This strategy is analogous to a museum’s protection of priceless artworks:
cutting-edge security cameras equipped with threat intelligence monitor visitors,
ticketing systems manage identity and access to the museum and stringent security
measures around the artworks operate similarly to data security controls protecting
your valuable data. These measures discourage potential incidents, whether it originates
from external bad actors or individuals already within the organisation’s environment.

Combating evolving data security risks requires a concerted effort across the
organisation to implement this defence-in-depth strategy. Data security team’s
collaboration with other departments, such as Security Operations Centre (SOC),
can optimise data security investment. Notably, 66% of organisations that consider
themselves proactive interact with their SOC team, compared to 54% who do not.

Like teamwork across security teams, data security solutions should also seamlessly
integrate with other systems, such as Extended Detection and Response (XDR) or Identity
and Access Management (IAM) solutions, to effectively prevent data security incidents
from both external and internal sources. These integrations enable organisations to
conduct comprehensive investigations and responses to security incidents, gaining
a thorough understanding of the affected data, actors and activities and responding
with multiple mitigation controls. Consequently, this empowers them to make informed,
precise and prompt responses to minimise the impact of potential security incidents.
Final Recommendations
October Data Security 26
2023 Index

Upgrade your data security strategies

with AI and automation
Automation and AI can help organisations be more proactive in data security. Here are
some recommendations for your organisation to embark on the automation and AI journey:

• Discover sensitive data: Utilise AI to assist in identifying sensitive data and applying
protection policies, including encryption and rights management. This is particularly
valuable for business data that may pose challenges for detection through traditional
pattern recognition technologies. Organisations can leverage classification technology,
such as machine learning or AI-powered classifiers, known for their intelligence and
ability to swiftly locate sensitive content based on data context or business category.
Alternatively, organisations can employ exact data matching technology to
discover operational or personal data.

Furthermore, as industry regulations evolve (e.g., GDPR, HIPAA or PCI DSS) and data land-
scape become more dynamic, it is crucial to possess advanced classification technology
that is customisable and easily adaptable to identify new categories of sensitive data.

• Detect critical data security risks: Harness the power of AI to pinpoint critical risks
associated with your sensitive data and allocate resources strategically to address
potential high-risk incidents. AI technologies can generate high-fidelity alerts, allowing
security teams to save valuable time that would otherwise be spent sifting through an
abundance of false-positive alerts. Moreover, AI can assist organisations in identifying
elusive risks, particularly when malicious actors attempt to evade detection. It is
imperative to utilise machine speed to outpace these threat actors.

• Prevent data security incidents dynamically: Use AI and automation to tailor your
prevention and mitigation controls automatically based on assessed risks, enabling
a more adaptable and proactive data security strategy. When AI-powered solutions
detect and evaluate risks, automated prevention controls can swiftly engage to safeguard
the data, applying mitigation controls precisely to the high-risk areas. For instance,
in cases where early indicators of data exfiltration intent are detected by high-risk users,
organisations can apply more stringent Data Loss Prevention (DLP) policies, proactively
staying ahead of potential data security incidents.

We hope you find the insights and recommendations

in this report helpful to enhance your data security posture
and fortify your organisation against evolving risks.
To learn more about Microsoft Data Security,
visit https://aka.ms/DataSecurityNews
Detailed Research
October Data Security 27
2023 Index

Objectives, Methodology
and Audience Recruit

The objectives of the research included: To meet the screening criteria,

Data Security Decision Makers needed to be:
1 Understand the data security landscape,
CISO and adjacent decision makers (C-2 and
including priorities, mindsets
above) with purview over data security​
and challenges
Work at Enterprise organisations (500+
employees; range of sizes)​
2 Map the cause and effect of data
security incidents and identify actions Mix of regulated and non-regulated industries
that data security teams can take to (no education, government, or non-profit)
enhance data security posture

3 Explore the future of data security,

including emerging strategies and Of the 822 Data Security Decision Makers
innovations around using AI for surveyed for the research, completes
data security by country were:

US 329

Methodology was: UK 322

A 15-minute multi-national online survey was Australia 171

conducted July 28-August 9, 2023, among
822 data security decision makers.

Questions centred around the data security

landscape, how data security teams allocate
their resources, data security incidents and
attitudes toward and use of artificial
intelligence (AI) for data security.

© Hypothesis Group 2023. © Microsoft 2023.

All rights reserved. 10/23