Human history is full of examples of encryption playing pivotal roles in war, competition and transitions of power. Throughout recorded time, people have employed encryption as a tactical tool to keep information private. That data could involve military campaigns, plots to overthrow political leaders or political dealings. In some cases, the use of encryption actually resulted in a false sense of security, because the encryption method itself was not secure enough.

With the advent of encryption, history set itself on a new course. The confidentiality, integrity and availability of information (or lack thereof) changed the outcome of events. In hindsight, the basic tools of data protection influenced people long before the invention of modern computing.

Encryption Basics

In today’s world, unlike the bulk of human history, information crosses the planet in real-time. When we make decisions based on that information, it is key that information is not only available when we need it, but is reliable and, often, confidential.

Encryption offers three pillars of value: confidentiality, reliability and control. These map nicely to the information security triad of confidentiality, integrity and availability.

Confidentiality

We all know that encrypting data makes the data confidential and hides it from the prying eyes of thieves, eavesdroppers and other threat actors. For a historical example, look at the highly classified plans of the Enola Gay bomber to drop the first atomic bomb. These plans were only communicated by way of encrypted channels. If they had been discovered by the Japanese military or their allies, the outcome of World War II could have been much different.

Integrity and Reliability Through Encryption

The other pillars provide just as much value and have just as much importance in history. Data encryption is a proactive step in adding reliability (or integrity) to the data. Reliability is an inherent characteristic of the algorithms used to encrypt data. If one bit is changed, the entire ciphertext may not be able to be decrypted, much less verified.

Specific algorithms called hash algorithms (and by extension, digital signatures) provide the mathematical anchors of reliability and integrity. They are important even though they do not specifically encrypt the data itself. The reliability pillar provides data protection against accidental (or intentional) changes.

Business, economic and military decisions are based on the availability of reliable data. If data is not reliable, then those decisions may do more damage than good. Critical data, such as the location of an aircraft approaching an airport, the temperature of a nuclear reactor or the earnings of a public company, influences how professionals respond. If that information is not reliable, bad things can happen.

Taking another chapter from the history of encryption, Mary Queen of Scots suffered the wrath of Queen Elizabeth I because of a weak cipher. Mary and Anthony Babington, her co-conspirator, used a cipher in in their plot to take over the English throne. This weak cipher not only could be broken, but it could also be forged.

Queen Elizabeth’s spymaster, Sir Francis Walsingham, oversaw the forgery of an encrypted message that resulted in the unintentional disclosure of the names of Babington’s accomplices to Walsingham along with the plot to overthrow Queen Elizabeth. The lack of reliability in the cipher used by the conspirators resulted in their executions.

The History of Data Control

Often data professionals acknowledge the third value pillar of encryption, data control, least. Whether that data consists of financial information on your organization’s performance, a photo of you from college, a letter between you and a previous business or a personal relationship, you generally want to keep this information confidential.

How does enterprise manage the risk to confidential data that could potentially live forever on the internet? We may not be able to control the bits of data or where they are located on the internet, but we can control the value of those bits. Data encryption requires robust encryption key management. As long as the data owners control the keys, they also control the data, regardless of where the data is located.

Whether we discard a key to a treasure chest by throwing it overboard or we encrypt data and destroy the encryption key, the effect is the same. The data (the treasure) is no longer recoverable, regardless of where it is located. This is a powerful concept that shows the control value of proper encryption key management. This is exemplified by the legendary Blitz Ciphers and the D-Day pigeon cipher from World War II. No one has yet encrypted those encoded messages. The authors of these messages, although long gone, are still in control of the information kept by their ciphers.

What would happen if all data were encrypted? Remember the three pillars of value for encryption and that confidentiality is only one of those pillars. Enterprise would find data to be more reliable and controllable if it was thoroughly encrypted. We would avoid inadvertent disclosure of data, and we would be able to make better and more reliable decisions. So, take a page from history, and know there is power in employing data encryption.

More from Data Protection

Vulnerability resolution enhanced by integrations

2 min read - Why speed is of the essence in today's cybersecurity landscape? How are you quickly achieving vulnerability resolution?Identifying vulnerabilities should be part of the daily process within an organization. It's an important piece of maintaining an organization’s security posture. However, the complicated nature of modern technologies — and the pace of change — often make vulnerability management a challenging task.In the past, many organizations had to support manual integration work to get different security systems to ‘talk’ to each other. As…

Cost of a data breach 2023: Geographical breakdowns

4 min read - Data breaches can occur anywhere in the world, but they are historically more common in specific countries. Typically, countries with high internet usage and digital services are more prone to data breaches. To that end, IBM’s Cost of a Data Breach Report 2023 looked at 553 organizations of various sizes across 16 countries and geographic regions, and 17 industries. In the report, the top five costs of a data breach by country or region (measured in USD millions) for 2023…

Cost of a data breach 2023: Pharmaceutical industry impacts

3 min read - Data breaches are both commonplace and costly in the medical industry.  Two industry verticals that fall under the medical umbrella — healthcare and pharmaceuticals — sit at the top of the list of the highest average cost of a data breach, according to IBM’s Cost of a Data Breach Report 2023. The health industry’s place at the top spot of most costly data breaches is probably not a surprise. With its sensitive and valuable data assets, it is one of…

Cost of a data breach 2023: Financial industry impacts

3 min read - According to the IBM Cost of a Data Breach Report 2023, the global average cost of a data breach in 2023 was $4.45 million, 15% more than in 2020. In response, 51% of organizations plan to increase cybersecurity spending this year. For the financial industry, however, global statistics don’t tell the whole story. Finance firms lose approximately $5.9 million per data breach, 28% higher than the global average. In addition, evolving regulatory concerns play a role in how financial companies…