For the first time regulatory compliance has surpassed data breach mitigation as the top reason why organizations deploy encryption technologies, according to Ponemon research. Their report also found that solutions involving encryption have seen the biggest increase in IT budget earmarks over the past year.
Data breaches continue to be a major concern for organizations and the subset experiencing more than five a year is on the rise. In the past 12 months, 88 percent of organizations surveyed had at least one data breach, up three percent from 2009. That increase is driven primarily by the group that experienced more than five breaches, up three percent from 2009 and 12 percent from 2008.
The vast majority of organizations continue to adopt encryption: In this year’s study, 90 percent of organizations have completed at least one encryption project. This figure has stayed essentially stable for the past three years (down one point from 2009 and zero points from 2008). Data encryption ranked fifth in implementation among possible options.
Data protection is increasingly viewed as a mission-critical element of an organization’s risk management efforts. An overwhelming number of respondents – 93 percent – stated that data protection is either a “very important” or “important” part of their risk management efforts.
Organizations are consistently using the same encryption technologies, but full disk encryption is a growing favorite. Full disk encryption jumped to the number-two spot with a five percent increase from 2009 and remains the fastest-growing technology, with use up 15 percent since 2007.
Complying with data protection and privacy regulations is becoming more central to organizations’ use of encryption, ahead of mitigating data breaches. This trend indicates that organizations are getting ahead of the curve with their encryption strategy before the breach occurs, not after.
As a group, solutions involving encryption have seen the biggest increase in IT budget earmarks. Earmarks for encryption solutions are up nine percent from 2009 and 12 percent since 2008. Endpoint security solutions including laptop encryption are up 10 percent from 2009 and 11 percent from 2008. Key management for encryption solutions rose nearly as much, up nine percent from 2009 and 10 percent from 2008.
“All of these factors bolster the argument for organizations to protect their sensitive data with encryption technologies,” said Bryan Gillson, senior director of product management, Symantec. “As companies increasingly rely on outsourcers, cloud-based technologies and mobile solutions, a major side effect is that more data is exposed to loss or theft. Encryption technologies enable organizations to take a more proactive approach to data protection and avoid the heavy fines, brand damage, and operational disruption a data breach can cause.”