Industry Brief

Technology (Hi-tech): 2023 Sensitive Content Communications Privacy and Compliance

Industry Findings and Takeaways

Highlights

Communication Tools in Use

25%

7+

25%

6

28.5%

5

21.5%

Less than 4

Average Annual Budget for Communication Tools

14.5%

$500,000+

21.5%

$350,000 – $499,999

27%

$250,000 – $349,999

30.5%

$150,000 – $249,999

7%

$100,000 – $149,999

Number of Third Parties With Which They Exchange Sensitive Content

18%

5,000+

25%

2,500 – 4,999

41%

1,000 – 2,499

10.5%

500 – 999

5.5%

Less than 499

Attack Vector Weighted Score (based on ranking)

100

DNS Tunneling

93

SQL Injection

90

Cross-site Scripting

77

Password/Credential Attacks

76

Denial of Service

74

URL Manipulation

60

Zero-day Exploits and Attacks

60

Rootkits

52

Phishing

41

Session Hijacking

38

Malware (ransomware, trojans, etc.)

32

Man in the Middle

25

Insider Threats

Exploits of Sensitive Content Communications in Past Year

7%

10+

16%

7 – 9

57%

4 – 6

19.5%

2 – 3

Level of Satisfaction With 3rd-party Communication Risk Management

9%

Requires a New Approach

46%

Significant Improvement Needed

38%

Some Improvement Needed

7%

Minor Improvement Needed

Schedule a Demo

Growing Cyber Threat Landscape in the Technology Sector

Technology companies are a primary target by adversaries conducting data theft and extortion campaigns. According to Crowdstrike’s 2023 Global Threat Report, the technology sector was the most frequently targeted vertical with advanced interactive intrusion activity, reflecting an increase compared with the relative frequency of intrusions in the top 10 industry verticals from the prior 12 months.1 These attacks targeted everything from highly confidential intellectual property (IP) to personally identifiable information (PII) and have led to a flurry of privacy regulations. A report by the World Economic Forum reveals that 73% of organizations believe cyber and privacy regulations are effective in reducing their cyber risks.2 This is a significant shift from the year before, where more than half of respondents did not agree with the same statement.

When Too Many Communication Tools Spell Trouble for Sensitive Data

Kiteworks’ 2023 Sensitive Content Communications Privacy and Compliance Report finds tech companies, along with most organizations across industry sectors, use multiple disaggregated communication tools. Half of tech companies use six or more systems for sensitive file and email content communications. The more communication tools an organization uses, the more difficult it becomes to manage and protect sensitive data. This leads to compliance violations, brand damage, lost revenue, and diminished efficiencies. The need to purchase and manage individual sensitive communication toolsets drives up both capital expenses (CapEx) and operating expenses (OpEx). For technology companies, 36% spend $350,000 or more per year for communication tools used to exchange sensitive content.

36% of tech companies spend over $350,000 annually for communication tools used to send and share sensitive content.

Evaluating Third-party Content Communication Risks

Tech companies are highly vulnerable to third-party content communication risks. The Kiteworks report shows that 85.5% of tech firms use four or more systems to manage content communications with third parties. Tech companies list email as the communication channel posing the biggest risk, with 1 in 3 respondents ranking it number one. Application programming interfaces (APIs) supporting sensitive content communications came in second, with about 1 in 5 respondents ranking APIs as their top risk channel. When asked if they have a comprehensive system to track and control access to sensitive content folders for all content types and departments, only 23% of tech companies said they have such.

What’s even more alarming is that 4 out of 5 tech firms have experienced four or more exploits of sensitive content communications in the past year. This is a serious concern, and it explains why 93% of tech firms believe they need to improve their approach to mitigating the risks associated with third-party content communication. Out of this number, more than three-quarters (84%) require significant or some improvements, while 9% call for a new approach.

4 out of 5 tech firms have experienced four or more exploits of sensitive content communications in the past year.

Tech Companies Must Prioritize Digital Risk Management

One of the key reasons tech companies struggle to protect their file and email data communications is their difficulty in embracing digital rights management. Only 25% of tech companies track and record third-party access to sensitive files and folders across all departments, with 39.5% tracking only for certain departments and 21.5% tracking for specific content types. Top priorities tech companies list around digital rights management include providing easy, secure access to all content repositories without migration (61% gave it a rank of #1 to #4) and protecting content in motion from malicious threats (58% gave it a rank of #1 to #4).

Kiteworks and Tech Companies

It is crucial for tech firms to adopt a proactive approach to mitigate file and email communication privacy and compliance risks. They have numerous use cases, including sharing proprietary code internally and with third-party developers, collaborating on product development, distributing software updates, exchanging customer data, sharing product test data, sharing proprietary algorithms and research, and more. Kiteworks offers tech companies a comprehensive approach to secure their sensitive content communications and manage the associated risks. Comprehensive governance tracking and controls enable tech companies to restrict access to content, controlling who can view and edit it, to whom it can be shared and sent, and where it is sent and shared.

1 “2023 Global Threat Report,” Crowdstrike, February 2023.
2 “Global Cybersecurity Outlook,” World Economic Forum, January 2023.

 

Get started.

It’s easy to start ensuring regulatory compliance and effectively managing risk with Kiteworks. Join the thousands of organizations who feel confident in their content communications platform today. Select an option below.

Lancez-vous.

Avec Kiteworks, se mettre en conformité règlementaire et bien gérer les risques devient un jeu d’enfant. Rejoignez dès maintenant les milliers de professionnels qui ont confiance en leur plateforme de communication de contenu. Cliquez sur une des options ci-dessous.

Jetzt loslegen.

Mit Kiteworks ist es einfach, die Einhaltung von Vorschriften zu gewährleisten und Risiken effektiv zu managen. Schließen Sie sich den Tausenden von Unternehmen an, die sich schon heute auf ihre Content-Kommunikationsplattform verlassen können. Wählen Sie unten eine Option.

Comienza ahora.

Es fácil empezar a asegurar el cumplimiento normativo y gestionar los riesgos de manera efectiva con Kiteworks. Únete a las miles de organizaciones que confían en su plataforma de comunicación de contenidos hoy mismo. Selecciona una opción a continuación.

Share
Tweet
Share
Explore Kiteworks