Employee and HR data is the most commonly encrypted data

The use of encryption continues to grow in response to cyber-attacks, privacy compliance regulations and consumer concerns, and the majority of organizations plan to transfer sensitive data to the cloud within the next two years, the results of the latest 2016 Global Encryption Trends Study by Ponemon Institute have shown.

Encrypted data

The global encryption study is in its 11th year and shows how organizations around the world are dealing with increased vulnerabilities and implementation of encryption to protect their most sensitive data. More than 5000 business and IT managers in the US, UK, Germany, France, Australia, Japan, Brazil, the Russian Federation, Mexico, India and, for the first time this year Saudi Arabia and United Arab Emirates, were polled.

Critical findings include:

  • More than half of respondents (56%) are transferring sensitive or confidential data to the cloud – and this will rise to a total of 84% in the next two years
  • Support for both cloud and on-premise deployment was rated the most important consideration when deploying encryption solutions
  • Employee and HR data is the most commonly encrypted data – higher even than payment data, intellectual property or financial records – indicating a higher sensitivity to protecting personal information
  • The number one perceived threat to data exposure is employee mistakes, followed by system or application malfunction rather than external attack or malicious insiders.

“Mega breaches and cyberattacks have increased companies’ urgency to improve their security posture, and encryption usage continues to be a clear indicator of a strong security posture,” Dr. Larry Ponemon, chairman and founder of The Ponemon Institute, commented.

“The findings of this year’s study demonstrate the importance of both encryption and key management across a wide range of core enterprise applications – from networking, databases and application level encryption to PKI, payments, public and private cloud computing and more.”

“As businesses increasingly turn to cloud services, we’re seeing a rapid rise in sensitive or confidential data being transferred to the cloud and yet only a third of respondents had an overall, consistently applied encryption strategy,” says Peter Galvin, vice president strategy at Thales e-Security.

“Encryption is now widely accepted as best-practice for protecting data, and a good encryption strategy depends on well-implemented encryption and proper key management.”

RSA Conference 2016