Using encryption to help fight data breaches
- By Nick Jovanovic
- Jul 13, 2018
The question seems simple, “What will it take to stop the breaches?”
Cybersecurity continues to be a priority in all branches of government as well as for businesses, to academic institutions and everyone in between. Despite this attention and an increase in resources, the number of data breaches continues to escalate, with federal agency data under siege. Seventy-one percent of government respondents to a recent survey report their organization was breached sometime in the past. Our Federal Edition of the 2018 Thales Data Threat Report reports that of those organizations, 57 percent have been breached in the last year – a number that is three times the rate just two years ago. More alarmingly, perhaps, is that 67 percent of all enterprises have been breached with many of those having been breached more than once.
These statistics indicate that data breaches remain pervasive within the federal government, and that the current methods to secure agency data are not working as effectively as they could.
What will it take to stop the breaches?
The key to understanding cybersecurity is to realize there is no silver bullet. There is not one solution, technique or technology that can protect information everywhere at all times. Cybersecurity requires a confluence of technologies, architectures, policies and employee training. Agencies must adopt a defense-in-depth approach, move away from an over-reliance on network and endpoint security and create a comprehensive data-centric approach to security.
With increasingly porous networks and expanding use of cloud resources traditional endpoint and network security are no longer sufficient. When implemented as a part of the initial development, data security -- most especially, encryption -- offers increased protection to known and unknown sensitive data in advanced technology environments.
A push for encryption
Encryption technologies are critical to protecting data at rest, in motion and in use. Encryption secures data to meet compliance requirements, best practices and privacy regulations. It’s the only toolset that ensures the safety and control of data not only in the traditional data center, but also with the technologies used to drive digital transformation in the enterprise.
Let’s look at enterprise cloud deployments, a key objective for almost all large enterprises. In the Thales survey, more than 50 percent of technology executives said they were either “very” or “extremely” concerned about cloud security related to attacks on the service provider, the security of cloud-hosted data and the management and custodianship of encryption keys across multiple cloud environments.
Government IT modernization and internet-of-things initiatives mean more data is being stored in the cloud, in big data repositories and in containers. This digital transformation is creating new risks because each environment, and each vendor within these environments, requires a unique approach to protecting data. Encryption can play a key role in this approach.
Many people still think encryption takes a toll on network performance. This long-standing, dated and increasingly inaccurate notion needs to be put to bed. Performance concerns tend to be a relic of the early days when encryption solutions were software-based encryption and performance impacts were real.
Despite these misconceptions, IT managers understand the need for encryption, especially as their agencies begin migrating to the cloud, and survey respondents cited it as the top control for protecting the enterprise cloud.
Safeguarding against threats
With encryption and an end-to-end cybersecurity strategy, agencies can mitigate threats and make sure that data remains protected. Encryption can help secure big data analytics, IoT devices, and mobile payments and processing, just to name a few government applications.
Although the management of encryption keys can be challenging for organizations dealing with budget and staffing limitations, agencies can start by selecting encryption and key management technologies that offer a smart, centralized approach and work across clouds, whether on-premises and in data centers. Government IT managers can implement ‘bring your own key’ solutions to remotely manage their cloud deployments, which will help them better protect and control their data.
As agencies continue to bring in modern technologies, they will want to ensure the safety of their network and data. There is no one solution that can keep information safe, but using encryption keys combined with sound cybersecurity policies, training and technologies can go a long way in protecting the enterprise.
Nick Jovanovic is vice president of Thales eSecurity Federal.