Middle Eastern Encryption Study finds large proportion of regional organisations still open to mega breaches and cyber-attacks
A new report reveals that despite the threat of cyber-attacks and theft of highly sensitive information, many organisations in the Middle East are still leaving their data unencrypted.
Governments and large organisations in almost every sector in the region have sustained damage from cyber-attacks, with one attack in particular on two Middle Eastern banks resulting in a direct financial loss of $45m.
According to the latest 2016 Global Encryption Trends Study: Middle East, based on independent research by the Ponemon Institute and sponsored by Thales, global provider of critical information systems and cybersecurity, 45% of respondents either don’t have an encryption plan or strategy, or have a limited encryption strategy for certain types of sensitive data, such as Social Security numbers or credit card accounts.
A large proportion of respondents (75%) embrace some type of encryption strategy, meaning the use of encryption continues to grow in response to privacy compliance regulations, consumer concerns and cyber-attacks. The majority of organisations plan to transfer sensitive data to the cloud within the next two years, or already do so, indicating an awareness to address the issue.
Peter Galvin, vice president strategy at Thales eSecurity, says:
“The proliferation of data that is occurring with increased connectivity, larger numbers of endpoint devices and greater use of the cloud, means we would expect most organisations to have an encryption strategy applied consistently across the entire enterprise, yet results show that just over half do. In terms of protecting data, encryption is widely accepted as best practice, yet many firms are still clearly vulnerable and in a position of weakness. Well-implemented encryption and reliable key management, as provided by Thales hardware security modules (HSMs), are fundamental to the securing of critical applications and it is becoming ever more vital in the protection of sensitive and crucial information.”
- Discovering where sensitive data resides in the organisation is the biggest challenge to a successful encryption strategy (54% of respondents).
- Human resource data the most likely data type to be encrypted, suggesting that encryption needs to be addressed by companies of all types.
- Support for cloud and on-premise deployment, and system performance and latency are considered the two most important features of encryption.
- IT operations (32% of respondents) and IT security (25%) have most influence in directing encryption strategies.
Dr Larry Ponemon, chairman and founder of The Ponemon Institute, says:
“The findings of this year’s study demonstrate the importance of both encryption and key management across a wide range of core enterprise applications – from networking, databases and application level encryption to PKI, payments, public and private cloud computing and more. We would certainly expect encryption coverage to increase as Middle Eastern organisations understand how important the process has become.”
Download your copy of the new 2016 Global Encryption Trends Study: Middle East.