Data Encryption

Who Has the Keys to My Encryption Door?

As an interesting foot note to the  Data Breach Index Report revealed that only 58 of the data breach incidents reported in 2014 (less than 4% of all incidents) involved data that was encrypted either in part or in full. This highlights that encryption technologies can reduce data breaches.

Encryption Featured in the Media

Encryption technologies have been in the news in recent months. The UK government has announced plans for new anti-terror laws, including plans to crack down on anti-surveillance techniques; in other words, a crack down on the use of end-to-end encryption technology.

The government’s announcement prompted Phil Zimmerman (the creator of PGP the most widely used e-mail encryption software) to comment that he felt the proposals were absurd. He claimed that any such proposals would be unworkable.

Our Survey Results

Bridewell conducted a survey at a recent ISC2 event to gather opinion on the subject. Firstly the poll asked if participants believed they have adequate levels encryption within their organisation and secondly instead of banning encryption technologies how should the government address the use of cryptography?

53% of respondents felt their business did not have adequate cryptographic solutions and needed better solutions to address new and emerging threats. However, 45% believed the solutions they had in place did meet their current business requirements.

30% of the respondents believed the government’s proposal resulted from a lack of understanding of what encryption does and why. They felt a combination of better education on the use of cryptography together with better licensing of cryptographic technologies would address the governments concerns. 15% did however believe there should be two forms of cryptographic solutions; tightly controlled commercial solutions and publically available ones. Another 15% believed it was far easier just to give the government a backdoor into any cryptographic solution.

One respondent did question that if it was such an issue for the government and the security services, what was the scale of the problem they actually faced? Another jokingly responded that if they knew the answer to this dilemma they would be a millionaire.

It will be interesting to see the impact on business and consumer on-line habits if the government’s proposals become law.

For more information on how Bridewell’s services can support your organisation, get in touch with our team for a confidential conversation.