April 17, 2017 By Mark Samuels 2 min read

Today, more organizations are taking a strategic stance to encryption, and they are deploying a range of technologies and techniques to combat external threats.

Businesses have responded to the increased use of the cloud with a commensurate adoption of encryption, the Ponemon Institute and Thales outlined in the “2017 Global Encryption Trends Study.” As many as 41 percent of respondents believed their organization had a strategy that was applied consistently across the enterprise.

The research highlighted how the growing use of on-demand systems and services means line-of-businesses executives are taking a comprehensive approach to data security. Additionally, they are, in many cases, helping to dictate how information is used and protected.

Creating a Strategy for Encrypted Data

Businesses are aware of both the potential risk of cyberattacks and of the requirement to protect sensitive data, said Larry Ponemon, chairman and founder of the Ponemon Institute, in the report’s press release. He added that smart executives understand they must replace reactive approaches with a sophisticated data protection strategy. Business leaders have a higher influence over this aspect of a security strategy than IT operations for the first time in the study’s 12-year history.

Infosecurity Magazine noted compliance is the top driver for encryption, according to 55 percent of respondents. It was followed closely by protecting enterprise intellectual property (51 percent), customer information protection (49 percent) and protection from external threats (49 percent).

Understanding the Rise of the Cloud and Encryption

About two-thirds (67 percent) of respondents take one of two routes to securing data at rest in the cloud: They either encrypt data on-premises prior to transmitting it to the cloud, or they encrypt it on-demand using keys they generate and manage on their own site.

But 31 percent of firms are using or plan to use hardware security modules (HSMs) with bring-your-own-key deployments. As many as 38 percent of firms now use HSMs, which represents a new industry high. Almost half of those businesses own and operate HSMs on-site to support cloud-based apps.

More than two-thirds (37 percent) said their organizations turn over complete control of keys and encryption processes to cloud providers. Another 20 percent are using or plan to deploy cloud access security brokers (CASBs). Overall use of HSMs with CASBs is expected to double during the next year from 12 percent to 24 percent, Infosecurity Magazine reported.

Implementing a Stronger Security Strategy

Organizations are adopting encryption at a rapid and increasingly urgent pace. The move is largely because the technology helps enterprises support dynamic industry regulations while also protecting sensitive data in the cloud.

Yet the shift towards stronger data security should not be taken for granted. Thales and 451 Research stated 93 percent of firms will use sensitive data in an advanced technology environment, such as the cloud, this year. However, 63 percent also believed they were deploying these technologies without appropriate data security systems in place.

Business and security leaders should ensure their on-demand IT approach is matched with a strong security strategy. The deployment of service-based security tool sets, the classification of sensitive data within the cloud, and the use of information security across all advanced technology platforms are potential solutions for securing enterprise data.

More from

Airplane cybersecurity: Past, present, future

4 min read - With most aviation processes now digitized, airlines and the aviation industry as a whole must prioritize cybersecurity. If a cyber criminal launches an attack that affects a system involved in aviation — either an airline’s system or a third-party vendor — the entire process, from safety to passenger comfort, may be impacted.To improve security in the aviation industry, the FAA recently proposed new rules to tighten cybersecurity on airplanes. These rules would “protect the equipment, systems and networks of transport…

Protecting your digital assets from non-human identity attacks

4 min read - Untethered data accessibility and workflow automation are now foundational elements of most digital infrastructures. With the right applications and protocols in place, businesses no longer need to feel restricted by their lack of manpower or technical capabilities — machines are now filling those gaps.The use of non-human identities (NHIs) to power business-critical applications — especially those used in cloud computing environments or when facilitating service-to-service connections — has opened the doors for seamless operational efficiency. Unfortunately, these doors aren’t the…

Communication platforms play a major role in data breach risks

4 min read - Every online activity or task brings at least some level of cybersecurity risk, but some have more risk than others. Kiteworks Sensitive Content Communications Report found that this is especially true when it comes to using communication tools.When it comes to cybersecurity, communicating means more than just talking to another person; it includes any activity where you are transferring data from one point online to another. Companies use a wide range of different types of tools to communicate, including email,…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today