The use of encryption technologies in Australian organisations is outpacing the global average, according to a recent report from cybersecurity firm Entrust.
The Entrust 2021 Australia Encryption Trends study, conducted by the Ponemon Institute, found that 54% of respondents now have an encryption plan that is applied consistently, slightly higher than the global average of 50%.
Organisations are looking towards encryptions for reasons such as protecting information from identified threats (63%), and external privacy or data security regulations and requirements (52%).
“With organisations in Australia increasing their use of the cloud, containers and IoT platforms, it's clear that IT and security professionals across the continent strive to defend sensitive data against specific, identified threats, and comply with both internal policies and external data protection mandates,” explains Entrust's director digital security solutions APAC, Jiro Shindo.
The most common types of encrypted data include intellectual property (62%), employee and HR data (60%), payment-related data (60%), and customer information (54%).
What's more, almost two-thirds of Australian respondents believe that employee errors are a threat to sensitive data.
Delving deeper into the data, this is perhaps not that surprising. Increasingly, organisations have very diverse encryption technology needs in order to protect a wide range of data,” says Shindo.
“Employees are thus forced to learn the security configurations of multiple tools, making errors unavoidable. This is a particular challenge with public cloud environments, as each offers its own settings and functionality, which are regularly updated.
While only 34% of Australian respondents report experiencing a breach (10% lower than the global average of 44%), organisations are using encryption for many different applications. These applications include disk encryption, database encryption, and backup and archive.
But with increasing encryption application comes more administration - almost 60% of Australian respondents say that encryption key management is ‘very painful' due to a lack of skilled staff and poor key management tools. This can lead to errors in the manual administration of these keys.
“While data encryption helps address these challenges, it also brings its own challenges stemming from inadequate encryption key management tools and skills shortages,” says Shindo.
“Rising use of HSMs for encryption and key management shows that IT is starting to meet these hurdles. Organisations will benefit from a maturing ecosystem of integrated solutions for cloud security policy management, secrets management and securing containers and application development to help them bring their crypto into the light and under control.
The report suggests that hardware security modules (HSMs) can help to manage encryption keys. In Australia, 42% of organisations use HSMs, and they are growing in importance.
The global survey polled 6,610 IT professionals from 17 countries.