Emerging use cases and greater cloud adoption are driving - - PowerPoint PPT Presentation

www.ncipher.com

2019 Southeast Asia Encryption Trends Study

Emerging use cases and greater cloud adoption are driving encryption strategies in Southeast Asia

July 2019

About this research

Over 5,800 IT and IT security practitioners in Australia, Brazil, France, Germany, India, Japan, Mexico, Middle East, Russian Federation, South Korea, United Kingdom, United States and, for the first time, two new regions in Asia: Southeast Asia and Hong Kong and Taiwan. 268 respondents in Southeast Asia, which includes Indonesia, Malaysia, Philippines, Thailand and Vietnam. The research examines how the use of encryption has evolved over the past 14 years, and the impact of it on the security posture of organizations in the face of today’s most pressing data protection challenges.

Sponsored by

2

Agenda

Broad encryption trends 2019 Cloud use and emerging use cases are driving technology adoption Encryption drivers and challenges The role of HSMs Recommendations & conclusions

3

Global companies continue to apply encryption more consistently

Steady rise over 14 years

4

45%

• f organizations worldwide now

have a consistent, enterprise- wide encryption strategy

67%

Germany

33%

Southeast Asia

26%

Brazil

Maturity varies across regions Enterprise-wide use of encryption has increased

Encryption by industry - Global

Continued growth across sectors Largest increase in Manufacturing More focus on protecting personal information IP protection and safety are also factors

7 year consolidation Current 31% 42% 43% 52% 28% 39% Hospitality Tech & Software Consumer Products Public sector Manufacturing

+11% +9% +11%

32% 42%

+10%

27% 47%

+20% 5

Fastest adoption rate of all regions

Cloud momentum – Southeast Asia

6

• f organizations in Southeast Asia plan to use

HSMs to generate and manage BYOK keys for public cloud encryption (15% higher than the global average).

39% 48%

• f organizations in Southeast Asia use only

keys controlled by their organization when encrypting data at rest in the cloud (7% higher than the global average).

46%

Currently In the next 12-24 months

41%

+ =

Do you transfer sensitive or confidential data to the cloud?

Over the next 12 months

Investments to address emerging security use cases

7

Organizations in Southeast Asia are addressing emerging use cases ahead of global averages

65%

When choosing encryption solutions, 65% of

• rganizations look

for solutions that support emerging algorithms (e.g. ECC). 8% higher than the global average

29%

29% of organizations plan to deploy HSMs for Blockchain applications in the next 12 months. Highest of all regions

Threats to sensitive/confidential data – Southeast Asia

8

Employee Mistakes System

• r process

malfunction Third party service providers Temporary

• r contract

workers Malicious insiders Hackers Government eavesdropping Lawful data request (e.g. by police)

What are the main threats that might result in the exposure of to sensitive or confidential data?

48% 21% 24% 17% 9% 12% 39% 27% 23% 54% 22% 19%

Southeast Asia Global average

30% 21% 11% 12% 30%

Highest of any region

Encryption drivers – Southeast Asia

9

2nd highest reason

To protect against specific, identified threats

60%

To protect enterprise intellectual property

53%

6% higher than the global average

What are the reasons why your organization encrypts sensitive and confidential data?

Encryption challenges – Southeast Asia

Less trouble with data discovery

10

Highest rate of challenge with deploying encryption technology Higher comfort level with classifying data to encrypt

Biggest challenges in planning and executing a data encryption strategy

More than one choice permitted

Global avg: 32% Global avg: 69%

20% 40% 60% 10% 30% 50%

65% 22% 57% 19% 10% 26%

Discovering where sensitive data resides in the organization Classifying which data to encrypt Initially deploying the encryption technology Ongoing management of encryption and keys Training users to use encryption appropriately Determining which encryption technologies are most effective

Global avg: 42%

What keys are hardest to manage? Southeast Asia

11

Keys for external cloud or hosted services including Bring Your Own Key (BYOK) keys SSH keys Signing keys (e.g., code signing, digital signatures) Keys associated with TLS/SSL End user encryption keys (e.g. email, full disk encryption) Payments-related keys (e.g., ATM, POS, etc.) 20% 40% 60% 10% 30% 50%

65% 32% 53% 53% 35% 37%

9% lower than global average Global average: 57% 7% lower than global average

www.ncipher.com

The role of HSMs

The role of Hardware Security Modules (HSMs)

Highest level of protection for encryption or signing keys

13

Implement and enforce policy “Harden” applications that use cryptography Source of high quality randoms/keys

A Hardware Security Module (HSM) is a certified, trusted platform for performing cryptographic operations and protecting keys

Adoption of HSMs – Global / Southeast Asia

36%

• f organizations

use HSMs

47%

• f organizations

use HSMs

Global

14

Southeast Asia

Overall importance of HSMs is growing

15

49%

IN THE NEXT 12 MONTHS

How important are HSMs to your encryption or key management strategy?

‘Very important’ and ‘Important’ responses combined

40%

TODAY

Conclusions and recommendations

16

Download the study

www.ncipher.com/seaets

The keys are the key Expand encryption footprint, even if only incrementally Evolve security in line with business models Encryption for data security, HSMs for application protection

www.ncipher.com

Thank You