A new study by information and communications security company Thales (News - Alert) was revealed this week. The 2011 Global Encryption Trends Study revealed that encryption is being seen as a strategic issue that organizations must be aware of and take action against. As a response to compliance regulations and cyber-attacks, encryption is one thing a company can deploy to ensure its business’ information is safe and secure.
This year the report surveyed more than 4,000 businesses in the US, UK, Germany, France, Australia, Japan and Brazil. It found that encryption deployment rates did vary from country to country, but overall it is a growing concern that all businesses in those countries are trying to address. In fact, this year’s study revealed that for the first time there are more organizations with encryption studies than without.
The three main drivers for deploying encryption solutions are to protect brand reputation, lessen the impact of data breaches, and complying with privacy or data security regulations and requirements.
Encryption is also something companies must deploy correctly in order for it to be effective, says Thales vice president in charge of information technology, Franck Greverie. “Thales enables its customers to achieve high levels of assurance when deploying all forms of cryptography. By following the appropriate standards of due care our customers are able to reinforce their organization’s data security practices and protect their most valuable assets and business processes”.
When comparing the handful of successful cyber attacks on businesses with the millions that are thwarted each year, it is easy to assume that the “good guys” are winning the corporate cyber security war. But a single data breach can result in the loss of millions of dollars and irreparable damage to a company’s reputation. New tactics and strategies are developed in the cyber threat landscape each day; therefore, it is important for organizations to easily update networks and endpoints with latest operating system and application patches.
Another survey taken by the Carnegie Mellon CyLab Governance suggests that although improvements have been show in the business sector, cyber risks are still not getting enough attention board members and senior executives. Many companies that do have key privacy and security roles often do not employ at these positions full time. Also, there could be more awareness on the part of the executives in regards to reviewing how their organization’s insurance will cover cyber-related risks.
Improvements have been made in protecting companies from cyber risks, but more can still be done. Organizations must engrain a no-nonsense tone in regards to cyber-security from the top-level management down to all its employees. Companies can only be as effective as their senior level management will allow them to be, so accountability for cyber information must begin with them. Simple things like ensuring a regular information flow on cyber security risks and braches to board members, reviewing annual IT budgets to make room for privacy and security needs, and conducting annual reviews of the organization’s IT security effectiveness can make a huge difference for businesses struggling to stay relevant in this new world of corporate-cyber-espionage.
If you are a business and you are unsure about what type of cyber security you have, chances are it is not an effective system. It is a crazy new cyber world out there, be sure to protect you and your business from unwanted risks.
Edited by Jennifer Russell