Hackers have turned to automation as a way to efficiently orchestrate attacks against a large number of targets. Combined with increasingly sophisticated malware, organizations have reason to be a little concerned about the effectiveness of their traditional, perimeter-based defenses such as firewalls. ComputerWeekly columnist Warwick Ashford noted what he believes is a failure of traditional data security models.

Part of the problem is on the organizational end of things. It's difficult to manage data as it travels between different systems. Meanwhile, cybercriminals are gaining the ability to do significantly more damage with less time and money invested, making the threat landscape highly diverse as well as more efficient. According to Warwick, organizations still spend 80 percent of their IT security budgets on perimeter-based measures. In addition, businesses rarely allocate a significant amount of resources on detection or risk response, which can end up costing them when a data breach does occur.

The growing complexity of threats has made corporate data infinitely more difficult to manage, and, as Warwick put it, all organizations must operate under the assumption that their network could be breached. This means that businesses must invest in data-centric security solutions in order to protect their digital assets.

"[T]here is a lot of work to be done in improving the maturity of information security in organizations," Warwick wrote. "Many are still stuck in an elementary approach that focuses on static controls; or a compliance-based security approach that is all about ticking boxes rather than protecting data."

Effective solutions must scale
One of the factors limiting traditional network defenses is that they don't scale very well. As organizational needs expand, or even as a company shifts focus, it can quickly outgrow its security solutions. TechWorld writer Hamish Barwick recently highlighted enterprise mobility as an example of just how quickly IT security dynamics can evolve in the business world.

According to Barwick, as employees started bringing their personal devices to work, many assumed that solutions such as the corporate firewall would protect their smartphones and other devices. This assumption led to lax personal security and poor data protection practices. As trends like these continue, it is likely to become more important to ensure all employees are aware of the proper way to handle corporate information and which assets need to be protected using data encryption software.