nCipher Security Blog

Creating broader understanding and more widespread adoption of encryption is a journey

Cindy Provin | SVP Entrust Datacard and General Manager, nCipher Security More About This Author >

Many of us take planes, trains and automobiles. We don’t have to be hydraulic specialists, railroad engineers or car mechanics to use these modes of transportation. But it doesn’t hurt to know how to navigate an airport and read a train schedule or understand the rules of the road.

Of course, today our journeys aren’t always in the physical world. When we want to go somewhere or do something, we often do it online.

Understanding how to navigate and stay safe in the virtual world is critical. In the physical world, we protect ourselves with safety methods, for example, by buckling our seatbelts and standardizing airbags. In the digital world, we need to safeguard our data, devices and privacy from vulnerabilities.

You don’t need me to tell you the importance of cybersecurity. Data breaches, ransomware and other online security events are in the news almost daily. That is why encryption is one of the strongest and most effective way to protect critical data.

But encryption is a fairly new concept to many individuals and organizations. We wanted to understand just how much Americans understand about encryption. So, we fielded a survey of 1,000 U.S. adults to find out. Here’s a snapshot of what we discovered.

Most Americans correctly identified the definition of encryption

More than 72% of the survey group was able to select the right definition of encryption.

The right definition is that encryption “means making data unreadable to anyone other than those holding the encryption key.”

However, the rest of the group either selected one of the two wrong answers. Or they said they had no idea what the correct answer was.

Even more said that encryption – in general and related to cloud – is important

Additionally, more than 87% of the survey group said that encryption is important. And more than half said they understand that their private data is safe in the cloud if it is encrypted.

That is encouraging, especially given the expanding threat landscape. As more applications and endpoints go online, cybersecurity becomes an even greater challenge.

Just look at where things are going. Gartner expects the public cloud services market to grow to $266.4 billion by the end of this year. Forrester thinks the public cloud market will grow to $411 billion by 2022, and 451 Research says nearly 14 billion IoT devices could be online by 2024.

But many appeared uncertain about who can and should encrypt what and how it works

Only a little more than half the survey group (53.3%) understand that individual consumers can encrypt their own personal data. Nearly a third (32%) said they didn’t know if consumers can do so. And 14.7% incorrectly answered that individuals cannot encrypt their own personal data.

That suggests that businesses and government must work to educate consumers about encryption. The upside is that some already are doing that. For example, nCipher, an Entrust Datacard company, has sponsored this survey, and we regularly write and speak about encryption. In addition, the U.S. Federal Trade Commission advises members of the public to use encryption to keep their personal information secure.

When asked why people and companies encrypt data, however, fewer than half of our survey group answered correctly. Slightly more than 47% rightly said that individuals and organizations use encryption to keep data secure until it’s unencrypted. Even fewer were able to correctly identify cryptographic keys when provided with a series of answers. Just 45.9% correctly identified cryptographic keys as a series of codes needed to unlock encryption.

Nonetheless, most understand the case for using encryption to protect their finances

More than half of the survey group indicated that they understand that encryption can be used to secure online banking (55.7%) and financial information (52.6%). Forty-six percent said it can be used to secure mobile payments. And more than 42% said it can safeguard mobile wallets. That is encouraging, since financial gain is the most common driver of data breaches. The 2019 Verizon Data Breach Investigations Report said 71% of breaches are financially motivated.

That explains why financial institutions encourage their customers to use encryption. This Bank of America FAQ page is one example of that. It talks about how encryption works to secure online banking, financial information and mobile payments.

Consumers apparently want their financial services companies to use encryption, too. More than half (54.9%) of the survey group said they place the highest trust in the financial services sector to encrypt their data. The health care industry (38.7%), technology (36.1%) vertical and public sector (30%) ranked next on the “most trusted to encrypt your data” list.

Still, plenty of confusion exists, and many people would like more certainty

However, there appears to be a fair share of confusion as to which applications encryption can secure. There are lots of them, including blockchain, cloud, digital payments, and IoT.

Nearly 40% of Americans misunderstand what encryption is. Survey results suggest this group either thinks encryption means you have to enter a password before you can unlock data or that it occurs when you’ve installed an antivirus system on your computer.

Yet, as more breaches occur and more connected endpoints join the fray, more people are becoming aware of the need to use encryption to secure their data and devices. And they’re wanting more certainty related to encryption and cybersecurity.

A proof point of the need for greater certainty is the fact that 74.3% of survey participants said they would feel very or somewhat safe that their private information was secure if they knew it was given a formal seal of encryption, while 47.9% said they would trust a company that used a formal seal of encryption.

Such certification could be in our collective future. And proven encryption solutions exist today.

People and organizations wanting to protect their enterprise infrastructure, network communications and sensitive data against threats should get onboard with encryption today.

For more information about encryption, please visit nCipher’s FAQ page. You can also follow nCipher on Twitter, LinkedIn, and Facebook.