The Security Landscape of Today—Data Encryption as a Counter to Data Breaches
In 2016, the research team at Peak 10 surveyed a sample of 183 enterprise decision makers all facing a myriad of complex regulatory pressures to find out their specific compliance requirements, current and predicted usage of data encryption services, perceived importance of encryption, and budgetary concerns.
Findings suggested that the primary driver precipitating data encryption is regulations, with two-thirds of respondents having reported that they are subject to regulatory requirements (of which encryption is a component). An equally significant driver is the undeniable increase in data breaches. According to Trustwave’s 2016 Global Security Report, card payment information was the data most sought after by hackers in 2015, making it the driving force behind 60% of the attacks the firm investigated. All enterprises are confronting a series of trust concerns and the looming threat of resulting negative financial impacts, as well as federal and state penalties (particularly where healthcare and payment card data are concerned).
Cybercrime is a growing business, currently estimated at over $400 billion globally, and that number is on the rise with the increasing frequency of data breaches. Cyberattacks are no longer an unknown risk; they’re an impending guarantee, and when it happens, your organization will be legally required to carry out public disclosure if the stolen data wasn’t encrypted.
In the 2016 Cost of Data Breach Study by the Ponemon Institute, the average cost of a data breach rose to $4 million. On a per record basis, companies paid on average $158 for each lost or stolen record containing sensitive information.
Additionally, the branding and reputation that takes years for a company to build can be rapidly marred by a single breach of proprietary data. In this age of cybercrime, encryption can be a reliable last line of defense to preserve the integrity of your company’s data and reputation.
Recognizing the Value of Encryption While Mitigating Risk
The best thing your business can do to protect itself is invest in a complete, vigorous security program. The greater the sensitivity of the data you house, the more you should be willing to invest. Nothing good will come from cutting corners when it comes to your encryption budget. Security is a practice area in which your team must invest continuously.
Compliance requirements such as HIPAA and PCI-DSS are baseline standards for your business. Establishing and staying in compliance is absolutely necessary, and it may shore up security efforts marginally, but what are you really doing to protect your critical business data and the data of your customers?
Edge firewalls, Intrusion Detection and Prevention Systems (IDS IPS), and other solutions alone are not sufficient for customer data. Breaches still occur and data is compromised. Protecting data at the server level is crucial, and encryption is the only method that will secure your data in the event of a breach. Using a reliable encryption as a service solution will help your security team secure critical data that is the lifeblood of your company, brand, and reputation, while keeping control and visibility in your hands.
The Peak 10 Encryption Video Series
The results of the Peak 10 2016 Encryption Study yielded a range of information covering specific compliance requirements, current and predicted usage of encryption services, perceived importance of encryption, and budgetary concerns.
We’ve put together a five-part Encryption Video Series in hopes that your security group will be able to use information relevant to your organization and be better equipped to make advantageous security decisions for the future. We encourage you to continue to follow the Encryption Video Series to learn more about how encryption can protect and bring value to your business.
Peak 10 is available to discuss your organization’s encryption needs, from compliance considerations to data classification. If your organization is unsure of whether you have correctly implemented encryption, or has a new security initiative on the horizon, we welcome you to reach out to us at www.peak10.com/contact-us or (866) 473-2510.