FTAPI Report: companies redefine secure data transfer

FTAPI: The current FTAPI report on secure data transfer shows that more and more companies are recognising the need to secure their data exchange. That’s a good sign, right?

Ari Albertini: Definitely! Currently, 86% of the companies we surveyed as part of our study are using solutions for secure data transfer. Leading the pack are companies in the finance sector, where over 90% are using solutions for secure data transmission. This shows that awareness of the need for secure transfer methods has increased. However, there are still obstacles preventing some companies from implementing secure solutions. In other words, we still have quite a bit to do if we want to achieve widespread data security.

FTAPI: What exactly are these obstacles? What reasons do companies give for not using secure solutions?

Ari Albertini: The top three reasons are the use of physical data carriers, high costs, and a lack of know-how. The physical data carriers part really surprised us. Maybe it’s because it’s virtually impossible to find a USB stick here in our office. But seriously, in an age where secure digital processes are crucial competitive factors, data exchange on physical media just shouldn’t be part of everyday business anymore. It also shows that companies still face unforeseen obstacles when transitioning to digital solutions.

FTAPI: Topics like NIS-2 and other regulatory requirements are currently being discussed. Does that influence the decisions of companies when it comes to secure data transfer solutions?

Ari Albertini: Regulations like the GDPR and NIS-2 aim to increase security in companies and, above all, create a uniform security standard across Europe. NIS-2 is planned to come into force in October this year – for that reason alone, companies need to address this topic. Compliance with such regulations is not only a legal necessity, but also a crucial factor in gaining and maintaining the trust of customers and business partners. In our report, almost 60% of the companies surveyed said that legal requirements are the reason they are using solutions for secure data transfer. Laws and regulations are therefore one of the main drivers. The only stronger motivation is the desire to minimise data protection risks, which two-thirds of the companies surveyed aim to achieve.

FTAPI: What are the biggest challenges when implementing secure data transfer solutions?

Ari Albertini: Nearly half of the companies (47%) find the implementation of encrypted data transfer solutions to be complex, and therefore hesitate to adopt the corresponding solutions. There is still significant reluctance that needs to be overcome. This is often due to a lack of resources and expertise within the companies. Here, specialised providers and consulting services can help facilitate the implementation.

FTAPI: Were there any findings that particularly surprised you?

Ari Albertini: One of the biggest surprises was that only about 20% of companies consider the origin of the provider to be important, even though legal regulations like the GDPR stipulate that personal data must not leave the EU. Additionally, 14% of companies report that they do not process sensitive data digitally. That’s hard to believe, especially considering that 99% of companies in Germany are networked, meaning they are connected to the internet, and they process sensitive data like personnel records or sickness notifications. This discrepancy suggests that there are still companies that are not fully aware of the risks and regulations.

FTAPI: What happens next? What steps should companies take to improve their data security?

Ari Albertini: Awareness of cybersecurity is growing, but there is still work to be done. Companies need to consider not only the increasingly severe threat landscape but also comply with legal requirements. It’s important to invest in the right partners and solutions to clear existing roadblocks. Internal training and collaboration with external experts play a key role in this process.

FTAPI: Are there any specific events or conferences you would recommend to our readers for further education?

Ari Albertini: Yes, definitely! At the beginning of 2025, CPT 2025 will take place in Munich under the motto "Connect. Protect. Transform." This event brings together the who’s who of the cybersecurity industry and provides an excellent opportunity to network and learn about the latest developments. I highly recommend securing a ticket and attending. Events like this are ideal for staying informed about the latest threats and solutions and for exchanging ideas with experts.