August 3, 2020 By Rick Robinson 3 min read

Human history is full of examples of encryption playing pivotal roles in war, competition and transitions of power. Throughout recorded time, people have employed encryption as a tactical tool to keep information private. That data could involve military campaigns, plots to overthrow political leaders or political dealings. In some cases, the use of encryption actually resulted in a false sense of security, because the encryption method itself was not secure enough.

With the advent of encryption, history set itself on a new course. The confidentiality, integrity and availability of information (or lack thereof) changed the outcome of events. In hindsight, the basic tools of data protection influenced people long before the invention of modern computing.

Encryption Basics

In today’s world, unlike the bulk of human history, information crosses the planet in real-time. When we make decisions based on that information, it is key that information is not only available when we need it, but is reliable and, often, confidential.

Encryption offers three pillars of value: confidentiality, reliability and control. These map nicely to the information security triad of confidentiality, integrity and availability.


We all know that encrypting data makes the data confidential and hides it from the prying eyes of thieves, eavesdroppers and other threat actors. For a historical example, look at the highly classified plans of the Enola Gay bomber to drop the first atomic bomb. These plans were only communicated by way of encrypted channels. If they had been discovered by the Japanese military or their allies, the outcome of World War II could have been much different.

Integrity and Reliability Through Encryption

The other pillars provide just as much value and have just as much importance in history. Data encryption is a proactive step in adding reliability (or integrity) to the data. Reliability is an inherent characteristic of the algorithms used to encrypt data. If one bit is changed, the entire ciphertext may not be able to be decrypted, much less verified.

Specific algorithms called hash algorithms (and by extension, digital signatures) provide the mathematical anchors of reliability and integrity. They are important even though they do not specifically encrypt the data itself. The reliability pillar provides data protection against accidental (or intentional) changes.

Business, economic and military decisions are based on the availability of reliable data. If data is not reliable, then those decisions may do more damage than good. Critical data, such as the location of an aircraft approaching an airport, the temperature of a nuclear reactor or the earnings of a public company, influences how professionals respond. If that information is not reliable, bad things can happen.

Taking another chapter from the history of encryption, Mary Queen of Scots suffered the wrath of Queen Elizabeth I because of a weak cipher. Mary and Anthony Babington, her co-conspirator, used a cipher in in their plot to take over the English throne. This weak cipher not only could be broken, but it could also be forged.

Queen Elizabeth’s spymaster, Sir Francis Walsingham, oversaw the forgery of an encrypted message that resulted in the unintentional disclosure of the names of Babington’s accomplices to Walsingham along with the plot to overthrow Queen Elizabeth. The lack of reliability in the cipher used by the conspirators resulted in their executions.

The History of Data Control

Often data professionals acknowledge the third value pillar of encryption, data control, least. Whether that data consists of financial information on your organization’s performance, a photo of you from college, a letter between you and a previous business or a personal relationship, you generally want to keep this information confidential.

How does enterprise manage the risk to confidential data that could potentially live forever on the internet? We may not be able to control the bits of data or where they are located on the internet, but we can control the value of those bits. Data encryption requires robust encryption key management. As long as the data owners control the keys, they also control the data, regardless of where the data is located.

Whether we discard a key to a treasure chest by throwing it overboard or we encrypt data and destroy the encryption key, the effect is the same. The data (the treasure) is no longer recoverable, regardless of where it is located. This is a powerful concept that shows the control value of proper encryption key management. This is exemplified by the legendary Blitz Ciphers and the D-Day pigeon cipher from World War II. No one has yet encrypted those encoded messages. The authors of these messages, although long gone, are still in control of the information kept by their ciphers.

What would happen if all data were encrypted? Remember the three pillars of value for encryption and that confidentiality is only one of those pillars. Enterprise would find data to be more reliable and controllable if it was thoroughly encrypted. We would avoid inadvertent disclosure of data, and we would be able to make better and more reliable decisions. So, take a page from history, and know there is power in employing data encryption.

More from Data Protection

Overheard at RSA Conference 2024: Top trends cybersecurity experts are talking about

4 min read - At a brunch roundtable, one of the many informal events held during the RSA Conference 2024 (RSAC), the conversation turned to the most popular trends and themes at this year’s events. There was no disagreement in what people presenting sessions or companies on the Expo show floor were talking about: RSAC 2024 is all about artificial intelligence (or as one CISO said, “It’s not RSAC; it’s RSAI”). The chatter around AI shouldn’t have been a surprise to anyone who attended…

3 Strategies to overcome data security challenges in 2024

3 min read - There are over 17 billion internet-connected devices in the world — and experts expect that number will surge to almost 30 billion by 2030.This rapidly growing digital ecosystem makes it increasingly challenging to protect people’s privacy. Attackers only need to be right once to seize databases of personally identifiable information (PII), including payment card information, addresses, phone numbers and Social Security numbers.In addition to the ever-present cybersecurity threats, data security teams must consider the growing list of data compliance laws…

How data residency impacts security and compliance

3 min read - Every piece of your organization’s data is stored in a physical location. Even data stored in a cloud environment lives in a physical location on the virtual server. However, the data may not be in the location you expect, especially if your company uses multiple cloud providers. The data you are trying to protect may be stored literally across the world from where you sit right now or even in multiple locations at the same time. And if you don’t…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today