Yet as cloud complicates things, many companies are still encrypting data wrong – or not at all..
Business executives are increasingly recognising that unencrypted data represents a governance shortcoming tantamount to “negligence”, one Australian security innovator has warned as figures suggest that business unit leaders now have more influence over corporate encryption strategies than IT leaders.
That shift – noted in the Ponemon Institute-Thales Global Encryption Trends Study earlier this year – suggests a growing recognition amongst business leaders that data must be protected in a way that makes it unusable even if it is breached. This practice has been extremely rare to date – recent Breach Level Index statistics suggested just 4 percent of data breaches were considered “secure breaches” where stolen data was encrypted – but Kelly Taylor, country manager with Thales e-Security, believes the growing involvement of business leaders and dedicated chief data officers (CDOs) is changing that.
The Ponemon-Thales study found that 41 percent of companies now have a consistent encryption strategy, up from 37 percent a year earlier. Some 30 percent of respondents said line-of-business or general management were most influential on encryption strategy, compared to 29 percent who credited IT operations and just 16 percent who said the security team was responsible.