Employee mistakes are by far the most significant threat to sensitive data – a greater threat than hackers and insiders combined, according to a study by the Ponemon Institute in the United States for the data security and encryption product company nCipher Security.
Dr Larry Ponemon, chairman and founder of the Ponemon Institute, says: “The use of encryption is at an all-time high, driven by the need to address compliance requirements such as the EU General Data Protection Regulation (GDPR), California Data Breach Notification Law and Australia Privacy Amendment Act 2017, and the need to protect sensitive information from both internal and external threats as well as accidental disclosure. Encryption usage is a clear indicator of a strong security posture with organisations that deploy encryption being more aware of threats to sensitive and confidential information and making a greater investment in IT security.”
Employee mistakes continue to be the most significant threat to sensitive data (cited by more than half, 54pc of those responding), more than external hackers (30pc) and malicious insiders (21pc). In contrast, the least significant threats to the exposure of sensitive or confidential data include government eavesdropping (12pc) and lawful data requests (11pc).
The main driver for encryption is protection of an enterprise’s intellectual property and the personal information of customers – both 54pc of respondents.
With more data to encrypt and close to two-thirds of respondents deploying six or more separate products to encrypt it, policy enforcement (73pc) was selected as the most important feature for encryption. Cloud data protection requirements continue to drive encryption use. [endif]Payment-related data (55pc of respondents) and financial records (54pc of respondents) are most likely to be encrypted; least likely data type to be encrypted, health-related information (24pc of respondents).
John Grimm, senior director of strategy and business development at nCipher Security, says: “Organisations are under relentless pressure to protect their business critical information and applications and meet regulatory compliance, but the proliferation of data, concerns around data discovery and policy enforcement, together with lack of cybersecurity skills makes this a challenging environment. nCipher empowers customers by providing a high assurance security foundation that ensures the integrity and trustworthiness of their data, applications and intellectual property.”
For the trends study visit the nCipher website.
Methodology
The 2019 Global Encryption Trends Study, based on research by the Ponemon Institute, surveyed 5,856 individuals across multiple industry sectors in 14 countries and regions: Australia, Brazil, France, Germany, India, Japan, Mexico, the Middle East (a combination of respondents in Saudi Arabia and the United Arab Emirates), the Russian Federation, South Korea, the UK, the United States and, two new regions in Asia for the first time, Southeast Asia (Indonesia, Malaysia, Philippines, Thailand, and Vietnam) and Hong Kong and Taiwan.
