SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Privacy, regulations and data breaches fuel demand for encryption services
Wed, 29th Jun 2016
FYI, this story is more than a year old

Thales' 2016 Encryption Application Trends Study has found that the financial services, healthcare, pharmaceutical, technology and software industries are the main users of encryption in business applications, which demonstrates how regulations, privacy and data breaches are becoming increasingly important in the industries.

The study, conducted by the Ponemon Institute and sponsored by Thales, surveyed 5009 industry professionals across 14 sectors in 11 countries including Australia, Japan and India. The study aimed to find out how organisations are benchmarking their encryption techniques against others in similar industries and countries.

The survey found that extensive encryption use rose 7% to 41% of respondents, the highest increase the report has documented so far in its 11-year history.

"The findings of this study demonstrate the importance of both encryption and key management across a wide range of industries and core enterprise applications – from networking, databases and application level encryption to PKI, payments, public and private cloud computing," says Dr Larry Ponemon, chairman and founder of The Ponemon Institute.

The most critical features in encryption applications are performance and latency, which the survey shows the increased adoption of encryption services that must not negatively impact normal business operations.

In addition, more mature organisations are more likely to enact Hardware Security Models (HSMs), alongside SSL/TLS database encryption and application level encryption. More extensive HSM use also reports 'lower levels of key management pain'.

The survey also discovered that encryption is most commonly used in Internet SSL/TLS communications, databases and laptop hard drives.

"The increased usage of encryption can be traced to many factors, chief among them being cyber-attacks, privacy compliance regulations and consumer concerns. Additionally, the continuing rise of cloud computing as well as prominent news stories related to encryption and access to associated keys have caused organizations to evolve their strategy and thinking with respect to encryption key control and data residency," says John Grimm, senior director security strategy at Thales e-Security.

The survey shows that cloud security encryption and on-premise encryption are the second most important desired feature in encryption applications, which further hints at the trend towards cloud-based and cryptographic services.

"Our global research shows that significantly more companies are embracing an enterprise-wide encryption strategy, and demanding higher levels of performance, cloud-friendliness, and key management capabilities from their encryption applications," says Grimm.