Survey warns that UK is playing catch-up with data security
April 2012 by Thales
Thales releases the 2011 UK Encryption Trends Study. The report reveals warning signs that the UK lags behind many of its closest competitors such as Japan, the US and Germany in both awareness of data security risks and deployment of encryption solutions to counter those risks.
On a positive note, the report shows that the overall security posture of UK organisations taking part in the survey has steadily increased over the six years that the Ponemon Institute has conducted this research in the UK. This is underscored by a 15% compound annual growth rate in the use of encryption by participating UK companies, a factor that correlates very strongly with general awareness of data security threats and an a clear understanding of how best to respond to those risks. Overall, 79% of UK respondents said that data protection techniques such as encryption are an important component of their risk management efforts and on average expected to increase encryption budgets by 20% in 2012 compared to 2011.
Since the research began tracking encryption trends in 2006, more respondents in UK organisations report that they already have or are now adopting an overall encryption strategy that is applied consistently across the enterprise. Compliance with privacy and data security regulation is the most commonly cited driver for deploying encryption among those organisations that have an overall encryption strategy in place. Regarding how encryption technology is currently used within the enterprise, respondents ranked back-up files, databases and external communications networks as the top three examples of where encryption was used extensively in their organisations.
When asked about their understanding of encryption technologies and deployment priorities in the UK, respondents demonstrated a high level of awareness and sophistication, for example:
80% recognized the need to maintain the secrecy of encryption keys
70% rated the protection of encryption keys in dedicated hardware devices (such as hardware security modules) as important or very important
69% recognized the importance of independent security certification for encryption technologies
69% highlight that automated key management for encryption keys is either important or very important and 71% believe that investment in key management systems reduces IT operating costs.
Richard Moulds, vice president strategy, Thales e-Security says: “Although there are some warning signs that the UK may be currently lagging behind other nations in the general area of data security it is important to remember that this technology area is very dynamic. Data protection technologies such as encryption have been an important part of the security landscape for many years but are now rapidly becoming established as critical elements of mainstream security strategies. Thales is proud to sponsor this important research programme, and to help increase the awareness of important deployment choices and best practices within the UK IT security community. We look forward to working closely with our customers to ensure they derive the maximum protection for their most valuable data while minimising the impact on their business and easing their path to regulatory compliance.”
651 business and IT managers at UK organisations were surveyed for the report. The first encryption trends study was conducted in the US in 2005. Since then the scope of the research has been expanded to include countries in various regions of the globe.