April 17, 2017 By Mark Samuels 2 min read

Today, more organizations are taking a strategic stance to encryption, and they are deploying a range of technologies and techniques to combat external threats.

Businesses have responded to the increased use of the cloud with a commensurate adoption of encryption, the Ponemon Institute and Thales outlined in the “2017 Global Encryption Trends Study.” As many as 41 percent of respondents believed their organization had a strategy that was applied consistently across the enterprise.

The research highlighted how the growing use of on-demand systems and services means line-of-businesses executives are taking a comprehensive approach to data security. Additionally, they are, in many cases, helping to dictate how information is used and protected.

Creating a Strategy for Encrypted Data

Businesses are aware of both the potential risk of cyberattacks and of the requirement to protect sensitive data, said Larry Ponemon, chairman and founder of the Ponemon Institute, in the report’s press release. He added that smart executives understand they must replace reactive approaches with a sophisticated data protection strategy. Business leaders have a higher influence over this aspect of a security strategy than IT operations for the first time in the study’s 12-year history.

Infosecurity Magazine noted compliance is the top driver for encryption, according to 55 percent of respondents. It was followed closely by protecting enterprise intellectual property (51 percent), customer information protection (49 percent) and protection from external threats (49 percent).

Understanding the Rise of the Cloud and Encryption

About two-thirds (67 percent) of respondents take one of two routes to securing data at rest in the cloud: They either encrypt data on-premises prior to transmitting it to the cloud, or they encrypt it on-demand using keys they generate and manage on their own site.

But 31 percent of firms are using or plan to use hardware security modules (HSMs) with bring-your-own-key deployments. As many as 38 percent of firms now use HSMs, which represents a new industry high. Almost half of those businesses own and operate HSMs on-site to support cloud-based apps.

More than two-thirds (37 percent) said their organizations turn over complete control of keys and encryption processes to cloud providers. Another 20 percent are using or plan to deploy cloud access security brokers (CASBs). Overall use of HSMs with CASBs is expected to double during the next year from 12 percent to 24 percent, Infosecurity Magazine reported.

Implementing a Stronger Security Strategy

Organizations are adopting encryption at a rapid and increasingly urgent pace. The move is largely because the technology helps enterprises support dynamic industry regulations while also protecting sensitive data in the cloud.

Yet the shift towards stronger data security should not be taken for granted. Thales and 451 Research stated 93 percent of firms will use sensitive data in an advanced technology environment, such as the cloud, this year. However, 63 percent also believed they were deploying these technologies without appropriate data security systems in place.

Business and security leaders should ensure their on-demand IT approach is matched with a strong security strategy. The deployment of service-based security tool sets, the classification of sensitive data within the cloud, and the use of information security across all advanced technology platforms are potential solutions for securing enterprise data.

More from

When ransomware kills: Attacks on healthcare facilities

4 min read - As ransomware attacks continue to escalate, their toll is often measured in data loss and financial strain. But what about the loss of human life? Nowhere is the ransomware threat more acute than in the healthcare sector, where patients’ lives are literally on the line.Since 2015, there has been a staggering increase in ransomware attacks on healthcare facilities. And the impacts are severe: Diverted emergency services, delayed critical treatments and even fatalities. Meanwhile, the pledge some ransomware groups made during…

AI and cloud vulnerabilities aren’t the only threats facing CISOs today

6 min read - With cloud infrastructure and, more recently, artificial intelligence (AI) systems becoming prime targets for attackers, security leaders are laser-focused on defending these high-profile areas. They’re right to do so, too, as cyber criminals turn to new and emerging technologies to launch and scale ever more sophisticated attacks.However, this heightened attention to emerging threats makes it easy to overlook traditional attack vectors, such as human-driven social engineering and vulnerabilities in physical security.As adversaries exploit an ever-wider range of potential entry points…

4 trends in software supply chain security

4 min read - Some of the biggest and most infamous cyberattacks of the past decade were caused by a security breakdown in the software supply chain. SolarWinds was probably the most well-known, but it was not alone. Incidents against companies like Equifax and tools like MOVEit also wreaked havoc for organizations and customers whose sensitive information was compromised.Expect to see more software supply chain attacks moving forward. According to ReversingLabs' The State of Software Supply Chain Security 2024 study, attacks against the software…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today