Over a quarter (29%) of European organisations are unable to fully utilise data within their organisation due to challenges with data security, according to an IDC InfoBrief sponsored by Immuta.  

This data security "gap" results from organisations grappling with increasingly complex IT and data infrastructures internally, leading to vast siloes of sensitive data. Businesses must manage this alongside the external risk of rising cyber-attacks in Europe: 58% of UK organisations experienced an increase in cyberattacks in the last 12 months, followed by 49% in DACH (Germany, Austria, and Switzerland) and 47% in the Nordic countries.

According to insights from 108 European organisations, data security is rising rapidly to the top of the CEO's agenda: 45% will prioritise spending on data security, risk and compliance this year to enable trustworthy data collaboration and sharing, followed by workplace solutions (36%), application development and deployment platforms (35%), infrastructure and operations (33%) and automation technologies (31%). 

Organisations must also address a new blind spot caused by shadow data - a side effect of data sprawl in the cloud - with only 42% of European businesses selecting “confident” or “highly confident” in their ability to discover and classify sensitive data, both known and unknown, in the public cloud.

Meanwhile, evolving privacy regulations are creating tension between digital innovation and data sovereignty: only 15% of European organisations are highly confident in their ability to discover and classify sensitive data to protect it. 

Additionally, when managing compliance with GDPR, the biggest challenges facing organisations stem from identifying and mapping personal data (41%), creating data protection by design (40%), data retention and deletion (38%) and data security (35%). 

In the UK, organisations cited working from home and hybrid work as the top operational security priority for 2023, followed by cyber resilience of systems and data privacy and regulatory compliance. 58% described their organisation as "confident" or "highly confident" in its ability to discover and classify sensitive data, both known and unknown, in the public cloud - a significant increase on the European average (42%). 56% of UK organisations will expand or upgrade data access and governance technology in the next 12 months.

“The reality is that organisations are typically operating with data spread across multiple platforms and locations, all whilst navigating a rapidly evolving privacy and regulatory landscape,” says Colin Mitchell, general manager at Immuta. 

“Data is a critical asset for organisations, enabling collaboration, innovation and informing decisions. However, as data usage increases, businesses need to manage unauthorised access, breaches and misuse. This creates a complex dynamic between data utility - the usefulness and accessibility of data - and the security and compliance measures in place to protect data from risks.”  

Looking ahead, organisations are exploring ways to build trust in data by streamlining their security operations and rationalising their existing security tool environment: 49% of respondents are all working within a security plan to expand or upgrade the implementation of data access controls in the next 12 months. Nearly a third of European organisations (32%) also intend to increase spending on data discovery and classification to overcome complexity challenges. 

The IDC InfoBrief identifies how convergence to a data security platform enhances sensitive data protection across hybrid, multicloud environments, while enabling authorised users to utilise the data for business purposes effectively.