In-depth

The encryption maturity curve

Davey Winder puts forward a strategic business case for encryption.

Spending on encryption within the enterprise is increasing, and the latest Thales/Ponemon Global Encryption Trends Study suggests that it's now being seen more as a strategic business issue rather than just something for the IT department.

At the same time, separate research from Kaspersky Lab reveals that more than a third of companies do not use encryption at all.

The Kaspersky study, which questioned some 5,000 senior IT managers, produced some pretty disturbing numbers. Just over a third (34 per cent) are not using file and folder level encryption and 17 per cent have absolutely no plans to do so in the future. Some 36 per cent are not using full disk encryption and 18 per cent have no plans to do so.

This apparent lack of concern when it comes to security within the enterprise leaves corporate data at risk of exposure should a breach occur. Indeed, simply not employing the most basic safeguard of encryption is worrying at a business strategy level.

The historical record shows us that when a breach occurs, be that corporate espionage, accidental leakage or concerted hacker attack, the damage to business branding is far greater when the data stolen is left unencrypted. Where customer logins, passwords, financial data is exposed the risk to them individually is obvious, but the reputational ripple effect on any company that fails to take adequate measures to protect that data spreads much further and last longer.

Thankfully, according to the latest Ales and Ponemon Institute study into encryption trends, enterprises are increasingly viewing encryption and key management as being strategic business issues. What's more, businesses are increasing investment in encryption across the enterprise.

The Global Encryption Trends Study has a few things going in its favour, not least historical data stretching back over eight years now that provides a real insight into adoption rates and strategic trends. Indeed, it reveals that there has been a very steady increase in the deployment of encryption in the enterprise over those eight years - spending on encryption as a percentages of the overall IT security budget has risen from 10 per cent in 2005 to 18 per cent in 2012. One of the interesting changes is that rather than being driven purely by IT security professionals, it appears that there is a noticeable switch to encryption being perceived as a strategic issue amongst business leaders, with 'business managers' now becoming the most influential group when it comes to establishing an encryption strategy in the US for the first time for example. Of course, while business leaders are becoming more influential with regards to encryption use, IT leaders remain the most important link in the encryption determination chain globally for now.

However, this move to a strategic investment outside of the IT department shouldn't really come as any great surprise, given the amount of media coverage there has been of high profile data breaches at some very large concerns. The report reveals, however, that when it comes to most significant perceived threats to exposing sensitive data it is employee error, system malfunction and forced disclosure through legal e-discovery requests that outweigh concern over hackers and attackers.

Featured Resources

Choosing a collaboration platform

Eight questions every IT leader should ask

Download now

Performance benchmark: PostgreSQL/ MongoDB

Helping developers choose a database

Download now

Customer service vs. customer experience

Three-step guide to modern customer experience

Download now

Taking a proactive approach to cyber security

A complete guide to penetration testing

Download now

Most Popular

Microsoft is submerging servers in boiling liquid to prevent Teams outages
data centres

Microsoft is submerging servers in boiling liquid to prevent Teams outages

7 Apr 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

8 Apr 2021
Roadmap 2021: What’s coming from 3CX
Advertisement Feature

Roadmap 2021: What’s coming from 3CX

30 Mar 2021