View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Software
July 8, 2009

Encryption reduces risk of data breach: study

Enterprise encryption technology not fully exploited

By CBR Staff Writer

Encryption does help reduce the likelihood of an enterprise data loss or data breach incident latest research has confirmed, but organisations are still not doing as much as they could with the technology.

In a study carried out by the reputable Ponemon Institute for PGP Corp, a third of those companies reporting no data loss incident in the last year claimed to have had instigated an enterprise-wide encryption policy.

In contrast, organisations experiencing the highest number of data loss incidents were found to be the least likely to have introduced a consistently enforced, company-wide strategy governing the use of data encryption technologies.

Of firms reporting more than five loss incidents, none had any kind of encryption strategy in place. 

The study found that 57% of UK businesses are now using some type of encryption solution in order to protect sensitive information, with around 36% having introduced a partial strategy to protect certain applications, departmental activities or data such as credit card numbers.

“Encryption is most widely used to protect the data held on file servers, Virtual Private Networks (VPN) and databases. VOIP and mainframe encryption are the least deployed applications,” the report noted.

Despite the widespread use of smartphones, only 34% of the study partcipants said they believe it is only sometimes necessary to encrypt the confidential data held on portable devices. Some 13% think it completely unimportant.

Content from our partners
Unlocking growth through hybrid cloud: 5 key takeaways
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape

As many as 615 IT security professionals at enterprises and public sector organisations were polled for the study, which found that 70% of UK organisations have been hit by at least one data breach incident within the last year. That number is up from 60% in the previous year.

In its 2009 Annual Study: UK Enterprise Encryption Trends, Ponemon notes that the public sector experienced the highest number of data loss incidents in the last year.

Phillip Dunkelberger, CEO of PGP said, “This study underlines the critical importance of implementing an encryption strategy that encompasses all aspects of an organisation’s data, not to just meet privacy or data security regulations but to also protect against brand damage and loss of customers.

Yesterday, Kent-based Jubilee Managing Agency Ltd became the latest company to be found in breach of the Data Protection Act, after the insurance company had to report the loss of an unencrypted disk containing the personal details of around 2,100 individual UK policyholders.

It has been instructed by the ICO to sign a ‘formal undertaking’ to enhance its data protection methods.

The Ponemon Institute has estimated the average UK data breach costs a total of £1.7 million – said to be the equivalent of £60 for every record compromised. 



Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.