Story image

Privacy, regulations and data breaches fuel demand for encryption services

29 Jun 16

Thales' 2016 Encryption Application Trends Study has found that the financial services, healthcare, pharmaceutical, technology and software industries are the main users of encryption in business applications, which demonstrates how regulations, privacy and data breaches are becoming increasingly important in the industries.

The study, conducted by the Ponemon Institute and sponsored by Thales, surveyed 5009 industry professionals across 14 sectors in 11 countries including Australia, Japan and India. The study aimed to find out how organisations are benchmarking their encryption techniques against others in similar industries and countries.

The survey found that extensive encryption use rose 7% to 41% of respondents, the highest increase the report has documented so far in its 11-year history.

"The findings of this study demonstrate the importance of both encryption and key management across a wide range of industries and core enterprise applications – from networking, databases and application level encryption to PKI, payments, public and private cloud computing," says Dr Larry Ponemon, chairman and founder of The Ponemon Institute.

The most critical features in encryption applications are performance and latency, which the survey shows the increased adoption of encryption services that must not negatively impact normal business operations.

In addition, more mature organisations are more likely to enact Hardware Security Models (HSMs), alongside SSL/TLS database encryption and application level encryption. More extensive HSM use also reports 'lower levels of key management pain'.

The survey also discovered that encryption is most commonly used in Internet SSL/TLS communications, databases and laptop hard drives.

"The increased usage of encryption can be traced to many factors, chief among them being cyber-attacks, privacy compliance regulations and consumer concerns. Additionally, the continuing rise of cloud computing as well as prominent news stories related to encryption and access to associated keys have caused organizations to evolve their strategy and thinking with respect to encryption key control and data residency," says John Grimm, senior director security strategy at Thales e-Security.

The survey shows that cloud security encryption and on-premise encryption are the second most important desired feature in encryption applications, which further hints at the trend towards cloud-based and cryptographic services.

"Our global research shows that significantly more companies are embracing an enterprise-wide encryption strategy, and demanding higher levels of performance, cloud-friendliness, and key management capabilities from their encryption applications," says Grimm.

Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
Businesses too slow on attack detection – CrowdStrike
The 2018 CrowdStrike Services Cyber Intrusion Casebook reveals IR strategies, lessons learned, and trends derived from more than 200 cases.
What disaster recovery will look like in 2019
“With nearly half of all businesses experiencing an unrecoverable data event in the last three years, current backup solutions are no longer fit for purpose."
Proofpoint launches feature to identify most targeted users
“One of the largest security industry misconceptions is that most cyberattacks target top executives and management.”
McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.
Symantec and Fortinet partner for integration
The partnership will deliver essential security controls across endpoint, network, and cloud environments.
Is Supermicro innocent? 3rd party test finds no malicious hardware
One of the larger scandals within IT circles took place this year with Bloomberg firing shots at Supermicro - now Supermicro is firing back.
25% of malicious emails still make it through to recipients
Popular email security programmes may fail to detect as much as 25% of all emails with malicious or dangerous attachments, a study from Mimecast says.