April 17, 2017 By Mark Samuels 2 min read

Today, more organizations are taking a strategic stance to encryption, and they are deploying a range of technologies and techniques to combat external threats.

Businesses have responded to the increased use of the cloud with a commensurate adoption of encryption, the Ponemon Institute and Thales outlined in the “2017 Global Encryption Trends Study.” As many as 41 percent of respondents believed their organization had a strategy that was applied consistently across the enterprise.

The research highlighted how the growing use of on-demand systems and services means line-of-businesses executives are taking a comprehensive approach to data security. Additionally, they are, in many cases, helping to dictate how information is used and protected.

Creating a Strategy for Encrypted Data

Businesses are aware of both the potential risk of cyberattacks and of the requirement to protect sensitive data, said Larry Ponemon, chairman and founder of the Ponemon Institute, in the report’s press release. He added that smart executives understand they must replace reactive approaches with a sophisticated data protection strategy. Business leaders have a higher influence over this aspect of a security strategy than IT operations for the first time in the study’s 12-year history.

Infosecurity Magazine noted compliance is the top driver for encryption, according to 55 percent of respondents. It was followed closely by protecting enterprise intellectual property (51 percent), customer information protection (49 percent) and protection from external threats (49 percent).

Understanding the Rise of the Cloud and Encryption

About two-thirds (67 percent) of respondents take one of two routes to securing data at rest in the cloud: They either encrypt data on-premises prior to transmitting it to the cloud, or they encrypt it on-demand using keys they generate and manage on their own site.

But 31 percent of firms are using or plan to use hardware security modules (HSMs) with bring-your-own-key deployments. As many as 38 percent of firms now use HSMs, which represents a new industry high. Almost half of those businesses own and operate HSMs on-site to support cloud-based apps.

More than two-thirds (37 percent) said their organizations turn over complete control of keys and encryption processes to cloud providers. Another 20 percent are using or plan to deploy cloud access security brokers (CASBs). Overall use of HSMs with CASBs is expected to double during the next year from 12 percent to 24 percent, Infosecurity Magazine reported.

Implementing a Stronger Security Strategy

Organizations are adopting encryption at a rapid and increasingly urgent pace. The move is largely because the technology helps enterprises support dynamic industry regulations while also protecting sensitive data in the cloud.

Yet the shift towards stronger data security should not be taken for granted. Thales and 451 Research stated 93 percent of firms will use sensitive data in an advanced technology environment, such as the cloud, this year. However, 63 percent also believed they were deploying these technologies without appropriate data security systems in place.

Business and security leaders should ensure their on-demand IT approach is matched with a strong security strategy. The deployment of service-based security tool sets, the classification of sensitive data within the cloud, and the use of information security across all advanced technology platforms are potential solutions for securing enterprise data.

More from

How I got started: Incident responder

3 min read - As a cybersecurity incident responder, life can go from chill to chaos in seconds. What is it about being an incident responder that makes people want to step up for this crucial cybersecurity role?With our How I Got Started series, we learn from experts in their field and find out how they got started and what advice they have for anyone looking to get into the field.In this Q&A, we spoke with IBM’s own Dave Bales, co-lead X-Force Incident Command…

Zero-day exploits underscore rising risks for internet-facing interfaces

3 min read - Recent reports confirm the active exploitation of a critical zero-day vulnerability targeting Palo Alto Networks’ Next-Generation Firewalls (NGFW) management interfaces. While Palo Alto’s swift advisories and mitigation guidance offer a starting point for remediation, the broader implications of such vulnerabilities demand attention from organizations globally.The surge in attacks on internet-facing management interfaces highlights an evolving threat landscape and necessitates rethinking how organizations secure critical assets.Who is exploiting the NGFW zero-day?As of now, little is known about the actors behind the…

How TikTok is reframing cybersecurity efforts

4 min read - You might think of TikTok as the place to go to find out new recipes and laugh at silly videos. And as a cybersecurity professional, TikTok’s potential data security issues are also likely to come to mind. However, in recent years, TikTok has worked to promote cybersecurity through its channels and programs. To highlight its efforts, TikTok celebrated Cybersecurity Month by promoting its cybersecurity focus and sharing cybersecurity TikTok creators.Global Bug Bounty program with HackerOneDuring Cybersecurity Month, the social media…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today