Emerging use cases and greater cloud adoption are driving encryption strategies in Southeast Asia 2019 Southeast Asia Encryption Trends Study July 2019 www.ncipher.com
About this research Over 5,800 IT and IT security practitioners in Australia, Brazil, France, Germany, India, Japan, Mexico, Middle East, Russian Federation, South Korea, United Kingdom, United States and, for the first time, two new regions in Asia: Southeast Asia and Hong Kong and Taiwan. 268 respondents in Southeast Asia, which includes Indonesia, Malaysia, Philippines, Thailand and Vietnam. The research examines how the use of encryption has evolved over the past 14 years, and the impact of it on the security posture of organizations in the face of today’s most pressing data protection challenges. Sponsored by 2
Agenda Broad encryption trends 2019 Cloud use and emerging use cases are driving technology adoption Encryption drivers and challenges The role of HSMs Recommendations & conclusions 3
Global companies continue to apply encryption more consistently 45% Steady rise over 14 years of organizations worldwide now have a consistent, enterprise- wide encryption strategy Maturity varies across regions Enterprise-wide use of encryption has increased 67% 33% 26% Southeast Brazil Germany Asia 4
Encryption by industry - Global 52% +9% Continued growth across 47% sectors 43% +11% 42% 42% +10% 39% +11% +20% 31% 32% Largest increase in 28% 27% Manufacturing More focus on protecting personal information Tech & Public Consumer Manufacturing Hospitality IP protection and safety are Software sector Products also factors 7 year consolidation Current 5
Cloud momentum – Southeast Asia Do you transfer sensitive or confidential data to the cloud? 46% 41% Fastest adoption + = rate of all regions In the next Currently 12-24 months 48% 39% Over the next 12 months of organizations in Southeast Asia use only of organizations in Southeast Asia plan to use keys controlled by their organization HSMs to generate and manage BYOK keys for when encrypting data at rest in the cloud public cloud encryption (1 5% higher than the (7% higher than the global average) . global average ). 6
Investments to address emerging security use cases Organizations in Southeast Asia are addressing emerging use cases ahead of global averages When choosing 29% of organizations plan to deploy encryption HSMs for Blockchain solutions, 65% of applications in the organizations look 65% 29% next 12 months. for solutions that support emerging Highest of all regions algorithms (e.g. ECC). 8% higher than the global average 7
Threats to sensitive/confidential data – Southeast Asia What are the main threats that might result in the exposure of to sensitive or confidential data? Southeast Asia Highest of Global average 54% any region 48% 39% 30% 30% 27% 24% 23% 22% 21% 21% 19% 17% 12% 12% 11% 9% Government Lawful data Employee Temporary Hackers Malicious Third party System eavesdropping request or contract Mistakes service or process insiders (e.g. by police) workers providers malfunction 8
Encryption drivers – Southeast Asia What are the reasons why your organization encrypts sensitive and confidential data? To protect enterprise intellectual property To protect against specific, identified threats 60% 53% 6% higher than the 2 nd highest reason global average 9
Encryption challenges – Southeast Asia Biggest challenges in planning and executing a Global data encryption strategy avg: 69% More than one choice permitted Highest rate of challenge with deploying encryption technology Discovering where sensitive data 65% resides in the organization Initially deploying the encryption 57% technology Less trouble with data discovery Global Determining which encryption 26% technologies are most effective avg: 42% 22% Classifying which data to encrypt Higher comfort level with Global classifying data to encrypt avg: 32% Ongoing management of 19% encryption and keys Training users to use 10% encryption appropriately 10% 20% 30% 40% 50% 60% 10
What keys are hardest to manage? Southeast Asia Global average: 57% SSH keys 65% 7% lower than Keys for external cloud or hosted services 53% global including Bring Your Own Key (BYOK) keys average Signing keys 53% (e.g., code signing, digital signatures) 37% Keys associated with TLS/SSL 35% Payments-related keys (e.g., ATM, POS, etc.) 9% lower than End user encryption keys (e.g. email, full disk 32% global average encryption) 10% 20% 30% 40% 50% 60% 11
The role of HSMs www.ncipher.com
The role of Hardware Security Modules (HSMs) Highest level of protection for encryption or signing keys Implement and enforce policy A Hardware Security Module (HSM) is a certified, trusted platform for performing cryptographic operations and protecting keys “Harden” applications that use cryptography Source of high quality randoms/keys 13
Adoption of HSMs – Global / Southeast Asia Southeast Asia Global 47% 36% of organizations of organizations use HSMs use HSMs 14
Overall importance of HSMs is growing How important are HSMs to your encryption or key management strategy? ‘Very important’ and ‘Important’ responses combined 40% 49% TODAY IN THE NEXT 12 MONTHS 15
Conclusions and recommendations Expand encryption footprint, even if only incrementally Evolve security in line with business models Encryption for data security, HSMs for application protection The keys are the key Download the study www.ncipher.com/seaets 16
Thank You www.ncipher.com
Recommend
More recommend
