Data Security Index

Trends, insights, and strategies

to secure data
 October Data Security 2
2023 Index

Foreword

In a time being defined by a surge of data, it has become increasingly

clear that an organization’s data is nothing less than its lifeblood. The
wealth of data created and used by organizations powers critical
operations, informs strategic and global decision-making, and shapes
the possibilities for their futures. Data is not merely a resource – it is
the beating heart of modern enterprises.

Yet, with this increased reliance on data comes the stark reality that
vulnerabilities in the digital shadows are real and quickly expanding.
Cyber threats, data breaches, and insider risk incidents are no longer
rare occurrences; they are pervasive and escalating, posing risks to
organizations that depend on data. Of the decision makers we
surveyed recently, 89% said they view their data security posture as
critical to their overall success.

In this white paper, we embark on an exploration of that fundamental

imperative: the protection of your organization’s data. My team and I
are excited to share our findings with you – and hopefully start a
dialogue around how to continue to push data security forward
collectively toward excellence. Our learnings exemplify how data
security is at a critical juncture – while security decision makers agree
it’s essential to the safety of their data, and most say they’re confident
in what they’re doing, they’re simultaneously experiencing a plethora
of data security incidents and challenges. And, 80% of the leaders we
spoke to recognize that a best-in-suite, integrated approach is
superior to point-solutions, but most companies are still using a
fragmented, multi-tool system to protect their data – which is often
resulting in more security incidents instead of fewer.

We welcome you to read and share this latest report and treat it as the
beginning of new conversations with our teams on how we can best
help secure our collective future.

Rudra Mitra
Corporate Vice President
Microsoft Data Security and Compliance
 October Data Security 3
2023 Index

Introduction

Preventing data breaches and other

security incidents continue to be a constant
concern for security and risk decision
makers – and a cornerstone of any
cybersecurity program – because a single
breach can cause significant reputational
and financial damage. Organizations are
tasked with protecting a wide range of
sensitive data – including employee and
customer information, intellectual property,
financial forecasts, and operational data.

To understand current data security

practices and trends as well as identify
opportunities for organizations to enhance
data security, Microsoft commissioned an
independent research agency, Hypothesis
Group, to conduct a multi-national survey
among over 800 data security professionals.
This report presents five key findings from
the research including trends, insights, and
strategies to secure data.
Key Findings
October Data Security 4
2023 Index

1 2 3
Decision makers think
they’re protected,
Having more
tools does not mean
Organizations continue
to be plagued by the
but reality doesn’t greater data security stress of external and
match perceptions. or efficiency – it’s internal data security
the opposite. incidents, especially in
While most decision makers
say they are satisfied and business data.
80% of decision makers
confident with their data agree that comprehensive, 50% of organizations
security solutions, they’re integrated solutions are surveyed have experienced a
still experiencing an average superior to manual, best-of- ransomware or malware attack
of 59 data security incidents breed solutions – and yet in the past year – and many
a year, with costly impacts. organizations’ approach to decision makers don’t believe
tools continues to be their organization is fully
fragmented, using an prepared to prevent and
average of 10+ data security address future ones. Internally,
tools. But those with the malicious insiders are a top
most tools also experience concern. Additionally,
more data security incidents, organizations are highly
suggesting that the greater concerned about the
the tool proliferation, the vulnerability of their business
weaker the security. data. This again underscores
the need for a security platform
that addresses risks
comprehensively.
Key Findings
October Data Security 5
2023 Index

4 5
Organizations need
Cloud and AI to drive
Automation and AI
are promising avenues
digital transformation of greater protection.
– but they’re also
Organizations want their teams
the most vulnerable to spend less time on
data locations. detection and more time on
prevention. Automation can
Cloud applications and AI allow teams to focus more on
technology have become proactive measures, while
essential for organizations’ using AI for data security helps
collaboration and productivity organizations be more
– however, this evolution has strategic and get smarter
also created more dynamic and about future threats.
multifaceted risks. As
organizations embrace AI,
enhancing data security to
enable responsible and safe
use becomes critical.
1
October Data Security 6
2023 Index

Decision makers
think they’re protected,
but reality doesn’t
match perceptions.
 October Data Security 7
Decision makers think 2023 Index

they’re protected, but reality

doesn’t match perceptions.

On the surface, decision makers project high In addition, 92% face challenges, primarily in
levels of confidence and satisfaction with their the areas of cost, integration, and time to
data security solutions, The majority of implement, which inhibit their ability to further
organizations agree their data security invest in data security, underscoring the need
controls are sufficient in preventing data from for more budget-friendly and labor-efficient
being breached, they feel they know where solutions.
most of their data resides, and that they can
detect a majority of risks around data. The perception of confidence in data security
readiness differs from the reality of incidents
At the same time, organizations continue to organizations are experiencing. Even though it
experience a substantial volume of data is important for organizations to know where
security incidents – an average of 59 in the data is located and detect risks, these
past 12 months, with a fifth of those being measures individually, or separately, are not
considered ‘severe’. The impact of these enough to help organizations prevent the
incidents is widespread as on average, incidents that keep data security and risk
organizations estimate that the total financial decision makers up at night.
cost of their most severe data security incident
is around $244K – meaning annual incidents As one CISO (Chief Information Security
can cost up to $15 million. On top of these Officer) in financial services puts it, “I can’t go
costs, four in 10 decision makers also say tell my board of directors ‘I secured the data, I
the operational cost to recover for a data just didn’t protect it’… the last thing we want to
security incident and loss of business from see is our bank failing to deliver on the front
reputational damage is of high concern. page of the Wall Street Journal.”

59
Average number of data
$15M
UP TO

security incidents in the Annual cost of severe

past 12 months security incident
2
October Data Security 8
2023 Index

Having more tools

does not mean
greater data security
or efficiency – it’s
the opposite.
 October Data Security 9
Having more tools does not 2023 Index

mean greater data security or

efficiency – it’s the opposite.

Organizations are coming to realize that years As a result, organizations report using 10 data
of a point solution approach has created gaps security tools on average to address data
in visibility and efficiency due to siloed data security risks, including Data Loss Prevention,
security tools. That trend is now giving way to Information Protection, Insider Risk
a desire to have an integrated solution for data Management, Security Information & Event
security with 80% agreeing that a Management (SIEM), Cloud Access Security
comprehensive data security platform with Broker, and more. For organizations with over
integrated solutions is superior to using 5,000 employees, the average number of tools
multiple best-of-breed solutions that have to is even greater.
be manually integrated and managed.
Having more tools may be creating a false
Yet even though the vast majority consider sense of security, as those who use more tools
integrated solutions superior, data security tool (16+) are more confident in their data security
usage is prolific and fragmented. posture compared to those who use fewer
tools (61% vs. 56%).

However, research contradicts that sense of

security, as organizations with 16 or more
tools, also experienced more data security
incidents in the past year – an average of 133 –
compared to 48 incidents for organizations
with fewer tools.

Agree that a comprehensive security platform

80% with integrated solutions is superior to

using multiple best-of-breed solutions that
have to be manually integrated and managed.

2.8x For organizations with 16 or more tools

More data
(compared to organizations with fewer tools)
security incidents
in the past year
 October Data Security 10
2023 Index

The case for greater data security through more First, multiple disparate data security tools can
integrated solutions and fewer tools becomes lead to gaps in visibility and more shadow
even stronger when looking at the sentiments and data. In fact, those who are concerned about
practices of those who prefer best-of-breed shadow data are more likely to prefer best-of-
solutions or more tools. breed solutions. This is most likely because
organizations with a best-of-breed approach
need to take more effort to gain a
comprehensive visibility into their data security
posture.
“How is data going to be
Second, managing siloed solutions brings more
gathered, aggregated, and used complexity to data security teams, as each
from quite a few systems? A lot disparate solution requires dedicated staff,
of different data points need to endpoint agent installation and maintenance,
and various new processes. Take alerts review
be put together in one ecosystem and triage, one of the tasks that need staff and
for it to really work. Or else resources, as an example. An increasing
you really have a Swiss cheese number of alerts means extra efforts required
of data security teams when managing isolated
version of data security.” solutions. Organizations with more tools
receive an average of 96 data security alerts
VP of IT
per day, while teams with fewer tools receive
Manufacturing/Production
less than half that amount, with 44. In addition,
they aren’t able to review as many of these
alerts as teams with fewer tools can (61%,
compared with 68%). This often also results in
organizations with more tools being more
reactive compared to organizations who use a
lower volume of tools.
 October Data Security 11
2023 Index

Lastly, more tools also indicate that “Right now, we're crawling. Every one of the
organizations must exert extensive effort to systems that we have, they all have their own
integrate insights and remediation plans, and portals, their own tools, their own ways of dealing
information can become lost in translation. with things. Each person goes their own way,
When asked about the top data security where they're the expert. Then they all get back
challenges, the cost of implementing or together and decide what is going on, and we
maintaining data security solutions and address it from there. So, it's a bit of manual work
challenges integrating data security solutions at this point,” stated a Director of Infrastructure
are ranked as the top two. & Operations in manufacturing and production.

This translates to longer, slower processes, with Ultimately, by choosing to continue with multiple
37% of those who use 16 or more tools solutions, organizations are ignoring their own
reporting needing one month or longer to talk of understanding that integrated solutions
complete a data security investigation are superior and walking in the opposite
compared to only 21% of those with fewer tools. direction – costing them time and money.

OUTCOMES OF THOSE WHO USE FEWER (<16)

VERSUS MORE (16+) DATA SECURITY TOOLS Low Volume High Volume
of Tools of Tools

Number of data security incidents in the past 12 months 48 133

Proportion of severe data security incidents 19% 26%

Our current data security strategy is more reactive 31% 40%

Challenged with integrating solutions 24% 39%

Data security team spends most time on response 19% 26%

We are confident with our data security posture 56% 61%

Number of alerts received per day on average 44 96

Proportion of alerts we can review per day 68% 61%

One month or longer needed

21% 37%
to complete a data security investigation
3
October Data Security 12
2023 Index

Organizations
continue to be plagued
by the stress of external
and internal data security
incidents, especially
in business data.
 October Data Security 13
2023 Index

Organizations continue to be
plagued by the stress of external and

50%
internal data security incidents,
especially on business data.
Had data security incident
caused by malware
As factors around data – including the people
or ransomware in
who interact with data, activities around data,
the past year
and devices and apps used to process data – are
constantly evolving, data security incidents and
data breaches can happen anytime and
anywhere. And, these threats come from both
external attackers as well as trusted personnel,
including employees, contractors, and partners.
Whether maliciously or inadvertently, all players In addition, these attacks are where
can cause data security incidents – which means organizations feel the most vulnerable, with
there’s a constant need to protect across a 41% saying they feel least prepared to handle
multitude of areas. future malware or ransomware attacks in the
next year. This sense of vulnerability is even
A VP of IT in financial services said, “What you higher among those that prefer a best-of-
are trying to protect against is always changing. breed approach – 44% feel unprepared for an
It’s a moving target. It’s always going to be attack of this nature, compared to only 36% of
evolving, changing, and flexible. What you are those who prefer an integrated solution.
protecting and where it lives is only going to
get more varied.” Securing against and preventing insider risk is
also top of mind for decision makers. 35% say
While data security incidents can come from they need to shore up defenses against
various sources, the external threat of malicious insiders and compromised accounts,
malware or ransomware incidents - instances and a third are concerned with inadvertent
where malicious software infiltrates a system, insider incidents. Although malicious insider
providing attackers with unauthorized access to incidents may not be the leading cause of
systems or networks - are far and away the most data security breaches, they are the second
common, with 50% of organizations surveyed most common type of incident decision
having experienced at least one in the past year. makers feel least prepared to prevent.
 October Data Security 14
2023 Index

“At least once a month,

I get a call from a panicked
director... ‘we’ve had an Insiders are trusted individuals who
event, I’ve uncovered an typically have been granted access to, or
possess knowledge of, company
event, or the threat team has resources, data, or systems that are not
uncovered an event.’ Some of generally available to the public.
them are unintentional, Consequently, the data security risks
associated with insiders tend to be more
some are people not elusive and difficult to detect. As Bret
knowing or understanding Arsenault, the CISO of Microsoft,
what their privileges allow.” indicated “Ultimately, it doesn’t matter if
the breach was intentional or accidental.
US Government CISO Insider risk programs should be part of
every company’s security strategy.”

DATA SECURITY INCIDENTS SUMMARY

Most common incidents Least prepared to prevent

Causes of data security incidents in the past 12 months in the next 12 months

Malware or ransomware 50% 41%

Compromised accounts 38% 35%

Denial-of-service (DoS) attacks 35% 33%

Negligent insiders 32% 29%

Inadvertent insiders 31% 32%

Malicious insiders 31% 35%

Physical property 29% 29%

 October Data Security 15
2023 Index

The data security solutions that organizations Looking ahead, 77% of organizations perceive
choose must also work for a variety of sensitive business data, such as intellectual property
data, including high-value business data, and source code, as the most vulnerable. This
operational data, and personal data. During is primarily because business data plays a
data security incidents in the past 12 months, crucial role in establishing competitive
74% of organizations have had business data advantages and revenue generation. However,
exposed, 65% saw operational data identifying and classifying such data can be
compromised and 58% experienced personal challenging, as traditional pattern recognition,
data being made vulnerable. Among the regular expression, or function match
various types of data, intellectual property, IT technology may not effectively identify
and network design, and PII has been content that lacks specific string formats or
compromised or exposed most often. keywords. In turn, organizations need more
advanced technologies to help discover and
protect those vulnerable sensitive data.

TYPES OF DATA MOST AT RISK IN THE NEXT 12 MONTHS

77% Business Data 64% Operational Data 63% Personal Data

Personal Identifiable
Intellectual property 30% IT and network design 29% 31%
Information (PII)

Human resources
Source code 28% Financial statements 18% information 21%
(payroll, resume, etc.)

Payment card industry

Business plans 27% Sales and revenue reports 15% 18%
(PCI) data

Protected Health
Trade secrets 24% Procurement & invoice 12% 18%
Information (PHI)

Legal documents/
Merger & acquisition files 20% 12% Credentials 17%
agreements

Manufacturing
Construction specifications 18% 11%
processes/batch files
4
October Data Security 16
2023 Index

Organizations need
Cloud and AI to drive
digital transformation
– but they’re also
the most vulnerable
data locations.
 October Data Security 17
Organizations need Cloud and 2023 Index

AI to drive digital transformation

– but they’re also the most It’s now even more crucial to have the right
data security solution for these high-
vulnerable data locations. productivity data locations. In the past 12
months, 42% of organizations reported security
Collaboration through cloud applications and incidents in cloud storage and 31% in emails,
platforms, combined with new AI technology, instant messaging, or online meeting tools.
significantly enhances employee productivity Incidents seem to be most common where the
and enables flexible work arrangements, making most productivity and collaboration happen.
cloud applications and AI technology essential
for organizations. On average, organizations Managing these types of incidents takes
now utilize 147 public cloud services spanning resources, and 79% of organizations report that
SaaS, PaaS, and IaaS.1 And, 66% of organizations their data security team needs more people to
have developed an AI strategy, with 36% already effectively manage critical data security
implementing it.2 However, this evolution has responsibilities. However, among the
created more dynamic and multifaceted risks, organizations who claim to need more people,
due to the difficulty of clearly defining data the majority (57%) prefer a best-in-breed
boundaries across various environments. approach. This preference highlights that
organizations that use more solutions may
struggle more to identify the true risks among
1. Measuring Risk and Risk Governance, Cloud Security Alliance (CSA), 2022 the myriad user activities.
2. Microsoft data security AI research, Hypothesis, Mar 2023

DATA LOCATIONS SUMMARY

Data Locations Compromised in past 12 months Most at risk

Cloud storage (e.g., Box, OneDrive, Google Drive) 42% 54%

Emails/Instant messaging/Online meeting tools 31% 39%

Platform-as-a-service (PaaS) 29% 34%

Infrastructure-as-a-service (IaaS) 28% 36%

AI (e.g., ChatGPT, Bard, etc.) 27% 38%

SaaS-based databases/data lakes 27% 41%

Endpoints/devices 25% 36%

On-prem repositories/file shares/databases 24% 28%

Shadow data 21% 23%

Line-of-business applications 17% 25%

Developer tools 16% 23%

 October Data Security 18
2023 Index

With over a third of organizations “AI is good for productivity and efficiency, but it
implementing AI strategy, and more on the has potential security and data risks.” An
way, AI is being adopted at an unprecedented enterprise a Security Decision Maker stated.
rate, much speedier than cloud and email
adoption in the past. As organizations embrace While concerns around AI exist, decision makers
AI, enhancing data security to enable can also see the potential, especially as vendors
responsible use and prevent risk becomes in the market are developing innovations to help
essential. AI is considered a top at-risk location empower businesses through responsible AI use.
for data security incidents, compared to other To further utilize AI, however, organizations
locations, and 27% of organizations have report top controls they need are to detect
experienced an AI data security breach. malicious or risky content in AI, encrypt, mask, or
Organization’s concerns around the risks of anonymize data before it can be uploaded to AI,
using AI center around a lack of control over and identify sensitive data generated by AI.
data shared with AI, lack of controls to detect
and mitigate risky use of AI, lack of
transparency around how generative AI models TOP 5 DATA SECURITY CONTROLS
are trained, and leak of confidential NEEDED FOR AI
information through AI.

Detect malicious or
1
risky content in AI

Encrypt, mask, or anonymized data

2
before it can be uploaded to AI

Identify sensitive data

3
generated by AI

Prevent sensitive data

4
from being uploaded to AI

Detect model or
5
data manipulation in AI
5
October Data Security 19
2023 Index

Automation and AI
are promising avenues
of greater protection.
 October Data Security 20
2023 Index

Automation and AI
are promising avenues
The benefit of adopting a more proactive
of greater protection. strategy is evident, as the organizations
surveyed that are more proactive already
experience less costly data security incidents,
In an ideal world, without constraints based on are more likely to be able to investigate those
organizational priorities or budget, half of incidents in less than a month, and are more
organizations would like to be more proactive likely to believe their defense controls are
around data security management, spending sufficient in preventing data breaches.
more time on things like discovery of sensitive
data and associated risks around it and While organizations are aware that proactive
prevention of data security incidents. Currently data security measures can help reduce data
though, more than half of organizations spend security risks, they are not making progress in
the most time focusing on reactive measures implementing those measures. For example,
like detection of incidents, response, and those seeking to be more proactive by
investigations. And this detection and response allocating more time to prevention are more
to data security incidents is time-intensive – it likely to choose best-of-breed solutions, which
takes most organizations about a month to actually demand greater efforts in handling
resolve a data security incident and for some, reactive measures when bringing in detection
resolution can take up to six months. signals and response controls together.

OUTCOMES OF ORGANIZATIONS THAT ARE

MORE PROACTIVE VS. REACTIVE
More Proactive More Reactive

Average cost impact of a data security

$207k $330k
incident in the past 12 months

Complete a data security investigation

80% 68%
in less than a month on average

Our defense controls are sufficient

77% 68%
in preventing data breaches
 October Data Security 21
2023 Index

As resources and staff are limited and

TOP 5 AREAS DATA SECURITY TEAMS
the allocation of effort between activities
PREFER TO AUTOMATE/ALLEVIATE
might not be ideal, organizations are
looking for technology to help them to
set aside more time for proactive Reactive
activities. Automation is one way for Creating automated workflows for
1
organizations to make time for a more incident management and response
proactive approach to data security. 74%
of organizations surveyed would prefer
semi or fully-automated risk mitigation,
which allows security teams to minimize 2 Creating data security reports
the impact of potential data security
incidents ahead of time over manual
Reactive
reviews. Furthermore, organizations
recognize many other tasks that could Responding to and containing
3
benefit from automation, such as data security incidents
creation of data security reports,
automation of incident management
workflow, and the response to and
Routing incidents to the right teams
investigation of incidents. Most of the 4
(e.g., SOC, legal, HR) during investigations
top tasks that security teams want to
automate are reactive measures. By
automating these tasks, organizations
can alleviate the burden on their data 5 Investigating data security incidents
security teams, enabling them to
embrace a more proactive stance.

“There is so much risky data

to manually evaluate. AI can
help in speeding up our team’s
response times and protect
data as we are under-resourced.”
UK Security Decision Maker
 October Data Security 22
2023 Index

Using AI for data security can also help

organizations be more strategic and get TOP SCENARIOS WHERE AI IS USED
smarter about future threats. The technology
speeds up the response to detected
Automatically block
incidents, buying data security professionals
inappropriate sharing of data
time to investigate further. Similar to
automation, organizations cite many
scenarios where AI can help provide stronger Detect critical data security risks/
security, thus saving their teams time. Top anomalous data activities
scenarios for AI use include automatically
blocking inappropriate sharing of data, Recommendations to better
detecting critical data security risks/ secure your data environment
anomalous data activities, and investigating
potential data security incidents.
Investigate potential
By leveraging the benefits of AI and auto- data security incidents
mation and moving towards more integrated
solutions, organizations can embrace a more
proactive data security strategy, and set Fine-tune data security policies
themselves up for a more secure future.
 October Data Security 23
2023 Index

Final Recommendations

Adopt an integrated platform

to strengthen data security posture

Guard against data security incidents

from both outside in and inside out
with a defense-in-depth approach

Upgrade your data security

strategies with AI and automation
Final Recommendations
October Data Security 24
2023 Index

Adopt an integrated platform

to strengthen data security posture

According to the findings in this research, fewer solutions can bring more security. It may
seem counterintuitive, but organizations must combat the false sense of confidence that
arises from a multitude of isolated solutions. Vendor consolidation offers a strategic
approach that not only reduces costs but also enhances security.

Data security decision makers can initiate this transformation by empowering their teams
to dedicate more time to strategic work like researching and planning for new security
controls and optimizing security policies – something 84% of decision makers agree they
want to be doing. This process involves replacing legacy siloed solutions, which are often
considered 'best-of-breed' but fail to integrate effectively with other tools.

Decision makers can foster close collaboration with their teams to establish data security
program goals and key performance indicators (KPIs). They can then progress by defining
solution requirements and identifying non-negotiable features. This approach empowers
them to pinpoint vendors capable of providing tools that align with their overarching
objectives. Crucially, it promotes a forward-thinking mindset and helps teams avoid
becoming overly fixated on existing practices or isolated use cases, allowing them to
implement necessary changes towards a more integrated approach.

An integrated data security platform should empower security teams to do all these
critical tasks seamlessly:

1. Discover and protect sensitive data within their digital landscape.

2. Detect critical risks associated with this data.

3. Prevent unauthorized use of sensitive data while not

impacting legitimate business activities.

By implementing an integrated data security strategy, organizations can achieve a higher

level of protection while simultaneously simplifying their security infrastructure.
Final Recommendations
October Data Security 25
2023 Index

Guard against data security incidents from both outside

in and inside out with a defense-in-depth approach

Data security incidents commonly result from external attackers, malicious insiders, or
inadvertent insiders. Organizations must take measures to safeguard their data, both by
preventing unauthorized access from external threats and by mitigating the risk of
insider theft or accidental data exposure.

To tackle these challenges, organizations can adopt a defense-in-depth approach to

data security. This strategy is analogous to a museum’s protection of priceless artworks:
cutting-edge security cameras equipped with threat intelligence monitor visitors,
ticketing systems manage identity and access to the museum, and stringent security
measures around the artworks operate similarly to data security controls protecting your
valuable data. These measures discourage potential incidents, whether it originates from
external bad actors or individuals already within the organization's environment.

Combating evolving data security risks requires a concerted effort across the
organization to implement this defense-in-depth strategy. Data security team’s
collaboration with other departments, such as Security Operations Center (SOC), can
optimize data security investment. Notably, 66% of organizations that consider
themselves proactive interact with their SOC team, compared to 54% who do not.

Like teamwork across security teams, data security solutions should also seamlessly
integrate with other systems, such as Extended Detection and Response (XDR) or Identity
and Access Management (IAM) solutions, to effectively prevent data security incidents
from both external and internal sources. These integrations enable organizations to
conduct comprehensive investigations and responses to security incidents, gaining a
thorough understanding of the affected data, actors, and activities, and responding with
multiple mitigation controls. Consequently, this empowers them to make informed,
precise, and prompt responses to minimize the impact of potential security incidents.
Final Recommendations
October Data Security 26
2023 Index

Upgrade your data security strategies

with AI and automation
Automation and AI can help organizations be more proactive in data security. Here are
some recommendations for your organization to embark on the automation and AI journey:

• Discover sensitive data: Utilize AI to assist in identifying sensitive data and applying
protection policies, including encryption and rights management. This is particularly
valuable for business data that may pose challenges for detection through traditional
pattern recognition technologies. Organizations can leverage classification technology,
such as machine learning or AI-powered classifiers, known for their intelligence and
ability to swiftly locate sensitive content based on data context or business category.
Alternatively, organizations can employ exact data matching technology to
discover operational or personal data.

Furthermore, as industry regulations evolve (e.g., GDPR, HIPAA, or PCI DSS) and data land-
scape become more dynamic, it is crucial to possess advanced classification technology
that is customizable and easily adaptable to identify new categories of sensitive data.

• Detect critical data security risks: Harness the power of AI to pinpoint critical risks
associated with your sensitive data and allocate resources strategically to address
potential high-risk incidents. AI technologies can generate high-fidelity alerts, allowing
security teams to save valuable time that would otherwise be spent sifting through an
abundance of false-positive alerts. Moreover, AI can assist organizations in identifying
elusive risks, particularly when malicious actors attempt to evade detection. It is
imperative to utilize machine speed to outpace these threat actors.

• Prevent data security incidents dynamically: Use AI and automation to tailor your
prevention and mitigation controls automatically based on assessed risks, enabling a
more adaptable and proactive data security strategy. When AI-powered solutions detect
and evaluate risks, automated prevention controls can swiftly engage to safeguard the
data, applying mitigation controls precisely to the high-risk areas. For instance, in cases
where early indicators of data exfiltration intent are detected by high-risk users,
organizations can apply more stringent Data Loss Prevention (DLP) policies, proactively
staying ahead of potential data security incidents.

We hope you find the insights and recommendations

in this report helpful to enhance your data security posture
and fortify your organization against evolving risks.
To learn more about Microsoft Data Security,
visit https://aka.ms/DataSecurityNews
Detailed Research
October Data Security 27
2023 Index

Objectives, Methodology,
and Audience Recruit

The objectives of the research included: To meet the screening criteria,

Data Security Decision Makers needed to be:
1 Understand the data security landscape,
CISO and adjacent decision makers (C-2 and
including priorities, mindsets, above) with purview over data security
and challenges
Work at Enterprise organizations (500+
employees; range of sizes)
2 Map the cause and effect of data
security incidents and identify actions Mix of regulated and non-regulated industries
that data security teams can take to (no education, government, or non-profit)
enhance data security posture

3 Explore the future of data security,

including emerging strategies Of the 822 Data Security Decision Makers
and innovations around surveyed for the research, completes
using AI for data security by country were:

US 329

Methodology was: UK 322

A 15-minute multi-national online survey was Australia 171

conducted July 28-August 9, 2023, among
822 data security decision makers.

Questions centered around the data security

landscape, how data security teams allocate
their resources, data security incidents, and
attitudes toward and use of artificial
intelligence (AI) for data security.

© Hypothesis Group 2023. © Microsoft 2023.

All rights reserved. 10/23