There’s something satisfying about having empirical evidence confirm what you see every day. This year’s Global Encryption Trends Study reveals that encryption has come a long way since the days when it was governments and banks that cared most about it. Today, encryption is a core element of the data security strategy for all types of organizations, and the results of this year’s survey bear that out. Encryption – with a sound key management approach underpinning it – can protect your data when the other lines of defense around it break down. And as my colleague Cindy Provin noted in her recent blog post, its importance is appreciated all the way up to corporate boardrooms across the globe.
It has not always been this way. When the first Global Encryption Trends Study came out in 2005, less than 15 percent of respondents said their organizations had a comprehensive encryption strategy, and 38 percent did not have any strategy in place. Today, 41 percent of respondents say their organization has fully embraced encryption with a thoughtful and expansive approach. Only 14 percent have no encryption strategy in place.
But not only has that adoption number grown since 2005, it also reached a four-year high in its rate of growth this year – likely spurred by an escalating drumbeat of data breaches. Encryption is such a top-tier topic that it’s a regular subject for discussion in the company boardroom.
Encryption’s growing popularity – as well as executives’ interest and involvement – is a sign that more decision makers are recognizing it as a core component of data security. What do I mean by decision makers? Well, here’s another first that this year’s study revealed: Business unit leaders have the highest influence over encryption strategy – higher than their colleagues in the IT department. That’s a sea change, and, frankly, a very important one. Don’t get me wrong – in no way do we want to push IT professionals out of the security equation. But we do need buy-in and collaboration from organizational leaders across all divisions to use encryption intelligently, effectively, and to its fullest potential. Our survey reveals that many organizations struggle to implement consistent policies and feel the pain of key management when deploying encryption in isolated silos – something a broader strategy can help address.
The obvious next question is: To what do we owe this shift in approaches to encryption? Here are my answers:
So as we continue forward into an era in which businesses are transforming by connecting – but, in so doing, are exposing themselves to new risks – one thing is clear: encryption – done right – is an indispensable piece of the puzzle.