Security Market Segment LS
Wednesday, 22 July 2020 09:51

Law has not dampened enthusiasm for use of encryption: nCipher chief

Law has not dampened enthusiasm for use of encryption: nCipher chief Pixabay

The head of a general-purpose hardware security module provider says that as per his observations, the passage of an encryption bill by the Australian Government in 2018 — legislation that was roundly panned by the industry as likely to have a negative effect on encryption take-up — has not deterred companies from planning for the use of the technology.

James Cook, Australia managing director for nCipher Security, told iTWire in response to a query that a global study just released by the company, based on research from the Ponemon Institute, showed more than half of Australian organisations (52%) had encryption strategies in place.

"That is a notable increase of 14% since 2018. In our experience dealing with Australian organisations, the bill has not deterred them from their encryption plans," Cook said.

"The bottom line of it is that organisations understand that the value of protecting data … the value of encryption to protect their data … is so high that even if it is implemented with some of the implications of this legislation, it will still be vastly superior to not doing encryption at all."

When asked, Cook said he could not comment on the use of encryption by individuals and whether this was on the rise or not. "nCipher Security’s focus is on business solutions, and so we cannot comment on consumer usage of encryption," he said.

"However, from a business perspective, the research tells us that email encryption doesn’t make the top in Australia in terms of data types that are most often encrypted. That doesn’t mean it’s not getting encrypted."

He said the effect of one laptop or one person’s email or one endpoint being compromised was important enough to protect against.

"A lot of sensitive information is shared via email. It would be great if the importance of data protection would be filtered down to encryption of people’s personal emails.

encryption graphic

"However, organisations are working under the assumption that there are many ways hackers can exploit systems and endpoints to get at the data motherload that is the data at rest within the organisation’s systems; be that customer personal data, stores of credit card details, employee HR records etc., and that large store of data must be defended with encryption and robust key management as a top priority."

The encryption study gathered responses from 6457 individuals across different industry sectors in 17 countries: Australia, Brazil, France, Germany, Hong Kong, India, Japan, Mexico, Saudi Arabia, the United Arab Emirates), the Netherlands, Russia, Southeast Asia, South Korea, Sweden, Taiwan, the UK and the US.

Running for 15 years, the first study was conducted on an American sample in 2005. This report will focus on the findings from Australian respondents.

While overall most respondents put the protection of personal information as the top reason for using encryption - 54% opted for this against 47% who picked compliance - Australian respondents overwhelmingly (57%) opted for regulatory compliance as the main reason for adopting encryption. And for the third year running, Australians chose compliance with internal policies more than any other country (43% against 23%).

Cook said this did not really surprise him. "There has been a raft of new regulations and regulatory changes impacting this market over the past couple of years such as Consumer Data Right, and a critical focus on the financial sector in particular, so it is only natural for respondents to have a keen focus on compliance," he said.

"Organisations that move beyond encryption for the sake of compliance understand and value their data protection credentials as a genuine selling point," he added.

"Australian enterprises have an opportunity to transform their outlook on encryption from checking the compliance boxes to protecting customer information in ways that improve customer retention, profitability and competitiveness."

When it came to naming the biggest threat to sensitive data, 62% of Australian respondents selected employee mistakes. This was 8% higher than the global average.

Seventy percent of Australians said data discovery was the biggest challenge in planning and executing a data encryption strategy. That was likely to increase, with a pandemic-driven surge in employees working remotely, using data at home, creating extra copies on personal devices and cloud storage, nCipher said.

The study indicates that 52% of organisations in Australia had adopted encryption strategies across their businesses (48% globally). In the near term, 59% planned to use blockchain, with cryptocurrency/wallets, asset transactions, identity, supply chain and smart contracts cited as the top use cases.

More than four-fifths of Australian respondents said they had transferred sensitive data to the cloud, or planning to do so within the next year or tow.

"Consumers expect brands to keep their data safe from breaches and have their best interests at heart. The survey found that IT leaders are taking this seriously, with protection of consumer data cited as the top driver of encryption growth for the first time," says Dr Larry Ponemon, chairman and founder of Ponemon Institute.

"Encryption use is at an all-time high with 52% of respondents in Australia saying their organisation has an overall encryption plan applied consistently across the entire enterprise, and a further 33% having a limited plan or strategy applied to certain application and data types."

Other key trends:

  • The fastest growing encryption use cases for respondents in Australia include public cloud services (49%, up from 32% last year), IoT devices (31% from 22% over the past two years) and Docker containers (26%, up from 19% last year);
  • The highest prevalence of organisations with an enterprise encryption strategy is in Germany (66%) followed by the US (66%), Sweden (62%), Hong Kong (60%), the Netherlands (56%) and the UK (54%) with Australia at 52%.
  • Globally payment-related data (54% of respondents) and financial records (54% of respondents) are most likely to be encrypted. Seventy-one percent of Australian organisations encrypted payment-related data, up from 44% two years ago.
  • In Australia, organisations have continued to encrypt employee/HR data (58% vs 52% globally) and customer information (54% vs 44% globally) at higher rates than global counterparts.

Graphic courtesy nCipher Security

Subscribe to ITWIRE UPDATE Newsletter here

Now’s the Time for 400G Migration

The optical fibre community is anxiously awaiting the benefits that 400G capacity per wavelength will bring to existing and future fibre optic networks.

Nearly every business wants to leverage the latest in digital offerings to remain competitive in their respective markets and to provide support for fast and ever-increasing demands for data capacity. 400G is the answer.

Initial challenges are associated with supporting such project and upgrades to fulfil the promise of higher-capacity transport.

The foundation of optical networking infrastructure includes coherent optical transceivers and digital signal processing (DSP), mux/demux, ROADM, and optical amplifiers, all of which must be able to support 400G capacity.

With today’s proprietary power-hungry and high cost transceivers and DSP, how is migration to 400G networks going to be a viable option?

PacketLight's next-generation standardised solutions may be the answer. Click below to read the full article.


WEBINAR PROMOTION ON ITWIRE: It's all about webinars

These days our customers Advertising & Marketing campaigns are mainly focussed on webinars.

If you wish to promote a Webinar we recommend at least a 2 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial.

This coupled with the new capabilities 5G brings opens up huge opportunities for both network operators and enterprise organisations.

We have a Webinar Business Booster Pack and other supportive programs.

We look forward to discussing your campaign goals with you.


Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News