In-depth

The encryption maturity curve

Davey Winder puts forward a strategic business case for encryption.

Spending on encryption within the enterprise is increasing, and the latest Thales/Ponemon Global Encryption Trends Study suggests that it's now being seen more as a strategic business issue rather than just something for the IT department.

At the same time, separate research from Kaspersky Lab reveals that more than a third of companies do not use encryption at all.

Advertisement - Article continues below

The Kaspersky study, which questioned some 5,000 senior IT managers, produced some pretty disturbing numbers. Just over a third (34 per cent) are not using file and folder level encryption and 17 per cent have absolutely no plans to do so in the future. Some 36 per cent are not using full disk encryption and 18 per cent have no plans to do so.

This apparent lack of concern when it comes to security within the enterprise leaves corporate data at risk of exposure should a breach occur. Indeed, simply not employing the most basic safeguard of encryption is worrying at a business strategy level.

The historical record shows us that when a breach occurs, be that corporate espionage, accidental leakage or concerted hacker attack, the damage to business branding is far greater when the data stolen is left unencrypted. Where customer logins, passwords, financial data is exposed the risk to them individually is obvious, but the reputational ripple effect on any company that fails to take adequate measures to protect that data spreads much further and last longer.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Thankfully, according to the latest Ales and Ponemon Institute study into encryption trends, enterprises are increasingly viewing encryption and key management as being strategic business issues. What's more, businesses are increasing investment in encryption across the enterprise.

The Global Encryption Trends Study has a few things going in its favour, not least historical data stretching back over eight years now that provides a real insight into adoption rates and strategic trends. Indeed, it reveals that there has been a very steady increase in the deployment of encryption in the enterprise over those eight years - spending on encryption as a percentages of the overall IT security budget has risen from 10 per cent in 2005 to 18 per cent in 2012. One of the interesting changes is that rather than being driven purely by IT security professionals, it appears that there is a noticeable switch to encryption being perceived as a strategic issue amongst business leaders, with 'business managers' now becoming the most influential group when it comes to establishing an encryption strategy in the US for the first time for example. Of course, while business leaders are becoming more influential with regards to encryption use, IT leaders remain the most important link in the encryption determination chain globally for now.

Advertisement - Article continues below

However, this move to a strategic investment outside of the IT department shouldn't really come as any great surprise, given the amount of media coverage there has been of high profile data breaches at some very large concerns. The report reveals, however, that when it comes to most significant perceived threats to exposing sensitive data it is employee error, system malfunction and forced disclosure through legal e-discovery requests that outweigh concern over hackers and attackers.

Featured Resources

Navigating the new normal: A fast guide to remote working

A smooth transition will support operations for years to come

Download now

Putting a spotlight on cyber security

An examination of the current cyber security landscape

Download now

The economics of infrastructure scalability

Find the most cost-effective and least risky way to scale

Download now

IT operations overload hinders digital transformation

Clearing the path towards a modernised system of agreement

Download now
Advertisement

Most Popular

Visit/laptops/29190/how-to-find-ram-speed-size-and-type
Laptops

How to find RAM speed, size and type

24 Jun 2020
Visit/policy-legislation/data-protection/356344/eu-institutions-warned-against-purchasing-any-further
data protection

EU institutions told to avoid Microsoft software after licence spat

3 Jul 2020
Visit/mobile/mobile-phones/356335/the-man-has-ruined-my-huawei-p40
Mobile Phones

The Man has ruined my Huawei P40

3 Jul 2020