Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Perimeter

2/28/2012
09:56 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

tudy Reveals That Encryption is Critical to Increase Security Posture, Report Thales And Ponemon Institute

Multinational survey concludes that encryption and key management have become strategic business issues to address compliance and manage risk

Click here for more articles.

SAN FRANCISCO--(BUSINESS WIRE)--Thales, leader in information systems and communications security, today announces the publication of the 2011 Global Encryption Trends Study. The report, based on independent research by the Ponemon Institute and sponsored by Thales, reveals that encryption is now seen as a strategic issue and that organizations are increasing their investment in encryption across the enterprise in response to compliance regulations and cyber-attacks.

More than 4,000 business and IT managers were surveyed in the US, UK, Germany, France, Australia, Japan and Brazil. This year’s study looks at more territories than in any previous year since its launch in 2005 when it was the first to examine regional differences in encryption usage.

The report found that encryption deployment rates vary across different countries. Germany, the US and Japan show the greatest use of encryption. However, what is clear is that encryption is growing in importance in all the countries, with companies increasingly deploying encryption as part of an overall data protection strategy. In 2005 only 15% of organizations surveyed had an encryption strategy, today for the first time there are more organizations with an encryption strategy than without.

Encryption is now viewed as a strategic issue with business leaders gaining greater influence over their organization’s encryption strategy. The study shows that the CIO, CTO or IT leader still tends to be the most important figure in deciding encryption strategy (39% of respondents), but non-IT business managers have an increasing role in determining that strategy (more than doubling since 2005 to 21% of respondents), demonstrating that encryption is no longer seen as just an IT issue but one that affects an entire organization.

The main drivers for deploying encryption solutions are to protect brand reputation (45%) and lessen the impact of data breaches (40%). Compliance is also a major driver for using encryption with 39% of respondents saying it is to comply with privacy or data security regulations and requirements. Compliance is also driving increased budgets with the highest IT security spend dedicated to data protection in countries that rank compliance as the most important driver for encryption. Compliance is in fact the number one driver for using encryption in the US, UK and France.

Respondents considered key management issues to be amongst the most important features of encryption technology, in particular the use of automated and centralized key management. Most interestingly, half of respondents believed that investments in key management had the potential to reduce operational costs within their organization. The significance of key management was further illustrated when respondents were asked about the relative importance of various best practices or “standards of due care” when deploying encryption with 5 out the top 7 being explicitly focused on key management issues.

Dr Larry Ponemon, chairman and founder of The Ponemon Institute, says, "The scale and geographical reach of this year’s study is greater than ever before. The regional differences in encryption usage highlighted by the study are fascinating and, in some cases, surprising. Nonetheless, regardless of an organization’s location, it is clear that encryption and key management are becoming more widely deployed and increasingly seen as strategic issues. Encryption usage has emerged as a clear indicator of a strong security posture with organizations that deploy encryption being more aware of threats to sensitive and confidential information and making a greater investment in IT security."

"Encryption is taking center stage as a strategic IT security issue, in order to mitigate the risk of data breaches and cyber-attacks and to protect an organization's brand, reputation and credibility." says Franck Greverie, Thales vice president in charge of information technology security activities. "However encryption is only a valuable tool if deployed correctly. Thales enables its customers to achieve high levels of assurance when deploying all forms of cryptography. By following the appropriate standards of due care our customers are able to reinforce their organization’s data security practices and protect their most valuable assets and business processes".

Thales and the Ponemon Institute reveal the results of the 2011 Global Encryption Trends Study, Tuesday, February 28, 2012 at "W" San Francisco Hotel 12noon - 1.00pm. Click here to register (this is a registration only event) or download the report http://bit.ly/zsbAJ7

Visit Thales at booth #723, RSA Conference, Moscone Center, San Francisco, February 27-March 2, 2012.

Visit the Thales Key Management Insights blog for overviews of key management issues, industry news and comment.

About the Ponemon Institute The Ponemon Institute is dedicated to advancing responsible information and privacy management practices in business and government. To achieve this objective, the Institute conducts independent research, educates leaders from the private and public sectors and verifies the privacy and data protection practices of organizations in a variety of industries.

About Thales e-Security Thales e-Security is a leading global provider of data encryption and cyber security solutions to the financial services, high technology manufacturing, government and technology sectors. With a 40-year track record of protecting corporate and government information, Thales solutions are used by four of the five largest energy and aerospace companies, 22 NATO countries, and they secure more than 70 percent of worldwide payment transactions. Thales e-Security has offices in France, Hong Kong, Norway, United States and the United Kingdom. www.thales-esecurity.com

About Thales Thales is a global technology leader for the Defence & Security and the Aerospace & Transport markets. In 2011, the company generated revenues of 13 billion with 68,000 employees in more than 50 countries. With its 22,500 engineers and researchers, Thales has a unique capability to design, develop and deploy equipment, systems and services that meet the most complex security requirements. Thales has an exceptional international footprint, with operations around the world working with customers and local partners. www.thalesgroup.com

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-21392
PUBLISHED: 2021-04-12
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 requests to user provided domains were not restricted to external IP addresses when transitional IPv6 addre...
CVE-2021-21393
PUBLISHED: 2021-04-12
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 Synapse is missing input validation of some parameters on the endpoints used to confirm third-party identif...
CVE-2021-29429
PUBLISHED: 2021-04-12
In Gradle before version 7.0, files created with open permissions in the system temporary directory can allow an attacker to access information downloaded by Gradle. Some builds could be vulnerable to a local information disclosure. Remote files accessed through TextResourceFactory are downloaded in...
CVE-2021-21394
PUBLISHED: 2021-04-12
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 Synapse is missing input validation of some parameters on the endpoints used to confirm third-party identif...
CVE-2021-22497
PUBLISHED: 2021-04-12
Advanced Authentication versions prior to 6.3 SP4 have a potential broken authentication due to improper session management issue.