Virtualization Technology News and Information
Article
Search:
RSS
Follow VMblog.com:
Improve end user experience in VDI, DaaS and physical endpoint environments
Customer personal information is the number one data protection priority - nCipher 2020 Global Encryption Trends Study
As organizations accelerate digital initiatives such as cloud and the internet of things (IoT), and data volumes and types continue to rise, IT professionals cite protection of customer personal information as their number one priority, according to the 2020 Global Encryption Trends Study from the Ponemon Institute.

The Ponemon Institute has collaborated with nCipher Security, an Entrust Datacard company and world leader in hardware security modules (HSMs), on this multinational survey of how and why organizations deploy encryption, now in its fifteenth year.

Threats, drivers and priorities

For the first time, protecting consumer personal information is the top driver for deploying encryption (54% of respondents), outranking compliance, which ranked fourth (47%). Traditionally compliance with regulations was the top driver for deploying encryption, but has dropped in priority since 2017, indicating that encryption is transitioning from a requirement to a proactive choice to safeguard critical information.

Employee mistakes continue to be the biggest threat to sensitive data (54%) and significantly outweigh concerns over attacks by hackers (29%), or malicious insiders (20%). In contrast, the least significant threats cited include government eavesdropping (11%) and lawful data requests (12%).

Data discovery the number one challenge

With the proliferation of data from digital initiatives, cloud use, mobility, IoT devices and the advent of 5G networks, data discovery continues to be the biggest challenge in planning and executing a data encryption strategy, with 67% of respondents citing this as their top concern.  And that is likely to increase, with a pandemic-driven surge in employees working remotely, using data at home, creating extra copies on personal devices and cloud storage.

Blockchain, quantum and adoption of new encryption technologies

The study indicates that 48% of organizations have adopted encryption strategies across their enterprises, up from 45% in 2019. With encryption deployment steadily growing, how are organizations looking ahead? In the near term, 60% of organizations plan to use blockchain, with cryptocurrency/wallets, asset transactions, identity, supply chain and smart contracts cited at the top use cases.

Other much-hyped technologies are not on IT organizations' near-term radar. Most IT professionals see the mainstream adoption of multi-party computation at least five years away, with mainstream adoption of homomorphic encryption more than six years away, and quantum resistant algorithms over eight years out.

Trust, integrity, control

The use of hardware security modules (HSMs) continues to grow, with 48% of respondents deploying HSMs to provide a hardened, tamper-resistant environment with higher levels of trust, integrity and control for both data and applications. Organizations in Germany, the United States and Middle East are more likely to deploy HSMs, with Australia, Germany and the United States most likely to assign importance to HSMs as part of their organization's encryption or key management activities.

HSM usage is no longer limited to traditional use cases such as public key infrastructure (PKI), databases, application and network encryption (TLS/SSL). The demand for trusted encryption for new digital initiatives has driven significant HSM growth for big data encryption (up 17%) code signing (up 12%), IoT root of trust (up 10%) and document signing (up 7%).  Additionally, 35% of respondents report using HSMs to secure access to public cloud applications.

The race to the cloud

Eighty-three percent of respondents report transferring sensitive data to the cloud, or planning to do so within the next 12 to 24 months, with organizations in the United States, Brazil, Germany, India and South Korea doing so most frequently.

In the next 12 months, respondents predict a significant increase in the ownership and operation of HSMs to generate and manage Bring Your Own Key (BYOK), and integration with a Cloud Access Security Broker (CASB) to manage keys and cryptographic operations. The survey found that the most important cloud encryption features are: 

  • support for Key Management Interoperability Protocol (KMIP) (67%)
  • security information and event management (SIEM) integration (62%)
  • granular access controls (60%)
  • key usage audit logs (55%), and
  • privileged user access controls (50%).

"Consumers expect brands to keep their data safe from breaches and have their best interests at heart. The survey found that IT leaders are taking this seriously, with protection of consumer data cited as the top driver of encryption growth for the first time," says Dr Larry Ponemon, chairman and founder of Ponemon Institute. "Encryption use is at an all-time high with 48% of respondents this year saying their organization has an overall encryption plan applied consistently across the entire enterprise, and a further 39% having a limited plan or strategy applied to certain application and data types."

"As the world goes digital, the impact of the global pandemic highlights how security and identity have become critical for organizations and individuals both at work and at home," says John Grimm vice president of strategy at nCipher Security. "Organizations are under relentless pressure to deliver high security and seamless access - protecting their customer data, business critical information and applications while ensuring business continuity. nCipher empowers customers by providing a high assurance security foundation that ensures the integrity and trustworthiness of their data, applications and intellectual property."

Other key trends include:

  • The highest prevalence of organizations with an enterprise encryption strategy is in Germany (66%) followed by the United States (66%), Sweden (62%), Hong Kong (60%), Netherlands (56%) and the United Kingdom (54%).
  • Payment-related data (54% of respondents) and financial records (54% of respondents) are most likely to be encrypted.
  • The least likely data type to be encrypted is health-related information (25% of respondents), a surprising result given the sensitivity of this information and recent high-profile healthcare data breaches.
  • The industries seeing the most significant increase in extensive encryption usage are manufacturing (49%), hospitality (44%) and consumer products (43%).

Download the 2020 Global Encryption Trends Study here.

Published Thursday, April 09, 2020 9:02 AM by David Marshall
Filed under:
Get This Featured White Paper: Top 5 Reasons to Think Outside the Traditional VDI Box
You may also be interested in this white paper: Gartner Market Guide for IT Infrastructure Monitoring Tools
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
CTE2023
CC2023
big-5g
DTX2023
connected-america
unified-communications
kubecon-eu-2023
disrupt2023
vExpert
Calendar
<April 2020>
SuMoTuWeThFrSa
2930311234
567891011
12131415161718
19202122232425
262728293012
3456789