According to new research sponsored by Entrust, Australia is lagging behind the global average regarding robust enterprise-wide encryption strategies.
The Entrust 2022 Australian Global Encryption Trends Study revealed that the number of organizations in Australia reporting having a consistent enterprise-wide encryption strategy stagnated at 55% in 2022 from 54% in 2021. Interestingly, the global average of organizations with a consistent encryption strategy enterprise-wide went from 50% to 62%, with the belief that many want more control over their data, which they have spread across multiple cloud environments.
The main driver for data encryption in Australia was to protect information from identified threats (68% of respondents versus the global average of 50% and an increase from 63% in Australia last year). The second largest driver was compliance with internal policies (53% of respondents versus the global average of 27%).
The financial and healthcare sectors turned out to be the areas that needed the most attention when it came to encryption, and in this case, Australia saw higher rates.
Financial data topped the list, with 56% reported in Australia and 45% globally, and health information was at 32% in Australia, compared to 22% globally.
Intellectual property was previously the most encrypted data type at 62% in 2021, now compared to 48% in 2022, followed by employee data (60% in 2021 vs. 50% in 2022).
Surprisingly, more than half of Australian respondents (57%) admitted that their company transfers sensitive or confidential data to the cloud, whether encrypted, unencrypted, or made unreadable through some other mechanism, such as tokenization or data masking. But there is a clear understanding of the need for change, and another 30% say they expect to make changes in the next one to two years.
Confidence VP of sales digital security APAC James Cook says the lack of growth can be attributed to a lack of skills and resources to perform encryption work.
“In Australia, we noticed that the encryption strategy has stalled over the past two years, which was an interesting finding as Australia was ahead of the global average last year. Organizations in Australia strive to protect sensitive data from threats while limiting their use of the cloud, containers, and IoT platforms increasing. Still, the slow growth highlights the pain point of skills shortages in Australia,” he says.
Employees also pose a significant risk to businesses in Australia, with 59% of respondents in the region citing employee error as the biggest threat that can lead to the exposure of sensitive data, compared to the global average of 47%.
“In the 17 years we have conducted this research, we have seen some fundamental shifts in the industry. The findings in the Entrust 2022 Global Encryption Trends study indicate that organizations are more proactive about cybersecurity than just reactive, says the Ponemon Institute president. And founder Dr. Larry Ponemon, who conducted the research.
“While the sentiment is very positive, the findings also point to an increasingly complex and dynamic IT landscape with increasing risks that require a hands-on approach to data security and an urgent need to translate cybersecurity strategies into action sooner rather than later.”
Confide in Cindy Provin, senior vice president for identity and data protection, that organizations need to think proactively about how they use encryption.
“Managing encryption and protecting its keys are growing pain points as organizations use multiple cloud services for critical functions,” she says.
“As the workforce becomes more volatile, organizations need a comprehensive security approach built on identity, zero trust, and strong encryption rather than legacy models that rely on perimeter security and passwords.”