|
Data Security report 2008
28/04/08
Sixty percent
of UK organisations experience a data breach and 49% of
organisations expect to deploy a single enterprise-wide key
management solution in 2008.
That’s
according to a report by PGP Corporation and results from a second
annual study by The Ponemon Institute identifying key areas of focus
in enterprise encryption usage, planning strategies, budgeting and
spending, deployment methodologies, and impact on data breach
incidents.
With the
impact of widely publicised data breaches in the UK over the past
year, UK enterprises are turning to encryption solutions to address
compliance and brand protection. The key findings of the 2008 Annual
Study: U.S. Enterprise Encryption Trends demonstrate organisations
continue to move towards a more strategic approach to encryption
including a larger focus on key management, especially those
companies identified as having the most effective IT organisations.
The study also
shows that 60 percent of organisations surveyed suffered at least
one data breach over the last 12 months with 28 percent of
organisations suffering two to five breaches during the same time
period. However, an emerging trend appears to show that
organisations with an enterprise encryption strategy lowering the
rate of data breaches. This demonstrates that an encryption
strategy, especially one implemented across the enterprise, can
reduce the costs and brand damage associated with data breaches and
likely leads to a more profitable business.
The study of
nearly 650 UK-based IT and business managers, analysts and
executives (51 percent at the director or VP level), identifies a
new trend that shows organisations with a more strategic,
enterprise-wide approach to encryption have experienced fewer data
breaches. In response to increasing demands for data security, 15
percent of organisations surveyed now have an encryption strategy
applied consistently across the organisation, up from 9 percent in
2007.
"This study
continues to break new ground in identifying enterprise IT security
trends," said Dr. Larry Ponemon, chairman and founder of The Ponemon
Institute. "Businesses in the UK have grappled with the new
realities of data breaches over the past 12 months. In response,
organisations are spending significant portions of their encryption
budgets on key management and are looking for more complete
solutions from a single vendor instead of point products. With more
organisations experiencing data breaches, those who deploy a
strategic encryption solution, like the PGP Encryption Platform,
reduce their risk."
Other key findings in this year's research include:
- Encryption
use across multiple applications grows. Respondents reported the
consistent encryption of laptops, emails, file servers, and backup
tapes increased. In the wake of publicised data breaches, tape
backup encryption is the most common, with 13 percent reporting use
most of the time. Laptop encryption used most of the time in
organisations grew to 12%, up from 10% in 2007.
- During the
last 12 months, organisations shifted their reasons for using
encryption dramatically: the use of encryption to comply with
privacy and data security regulations increased from just 17% of
those surveyed in 2007 to 58% in 2008.
- Key
management is more frequently budgeted for in 2008 as organisations
seeking to reduce operational costs prefer to choose just one
enterprise vendor. Organisations surveyed on average plan to spend
33 percent of their total encryption budget on key management
solutions:
- 51 percent
of organisations expect their key management investments to reduce
the overall operational costs of enterprise data protection.
- 49 percent
of organisations expect to deploy a single enterprise-wide key
management solution or deploy a single vendor's key management
solution for different purposes in 2008.
- Only 24
percent of organisations are seeking a tactical key management
solution for just one encryption application.
-
Organisations more interested in a platform approach. With a need to
enforce policy and increase automation for key management,
respondents were overwhelmingly interested in a platform approach;
at least 52 percent rating five fundamental characteristics of the
PGP Encryption Platform approach as important or very important.
Respondents believe a platform approach enables their business to
reduce expenses and improve productivity and identified these top
three benefits of this approach:
- Supports
development of a strategic encryption strategy (59 percent of
respondents)
- Reduces
operational costs (56 percent)
- Eliminates
redundant administrative tasks (52 percent)
Finding that
organisations with enterprise-wide encryption strategies are
reducing the risk of data breaches and organisations overwhelming
prefer a platform approach to encryption is significant in the
evolution of data security. The increased interest in automated
policy enforcement, single administration interface, and
comprehensive key management continue to favour adoption of an
encryption platform solution. The preference for adopting this
approach to managing multiple encryption applications from a single
console continues to mirror the progression seen with other
important enterprise applications such as ERP and CRM.
Recent
research conducted by the Ponemon Institute found the cost of a data
breach in the UK to average £47 per record compromised or an average
total of £1.4 million per breach.
"This study
reaffirms what we've been telling our customer for a long time - a
strategic encryption strategy defends an organisation's data more
effectively than assembling point encryption products," said Phillip
Dunkelberger, President and CEO of PGP Corporation. "The results
continue to show that the most effective enterprises are seeking a
platform approach to encryption."
In March, The
Ponemon Institute published the second annual report covering
Encryption Trends in the United States. The Ponemon Institute is
also conducting a second annual report for Germany and will conduct
first time research in Australia. These reports will be available
later this year.
Nick Gibson, editor
|
