Encryption on the rise thanks to GDPR

More than half of organisations enforce encryption of data on all mobile devices and removable media.

  • 5 years ago Posted in
Apricorn has published findings from a survey highlighting the rise in encryption technology post GDPR enforcement. Two thirds (66%) of respondents now hardware encrypt all information as standard, which is a positive step considering over a quarter (27%) noted the lack of encryption as being one of the main causes of a data breach within their organisation.


This is in contrast with last year’s survey where only half enforced encryption of data, or were completely confident in their encrypted data, in transit (52%), in the cloud (52%) and at rest (51%), showing a discernible increase in the use of, and need for, encryption as a key component of the data security process.


Forty one percent of respondents have also noticed an increase in the implementation of encryption in their organisation since GDPR was enforced, and their organisation now requires all data to be encrypted as standard, whether it's at rest or in transit. This demonstrates the significance of encryption in GDPR compliance and the protection of sensitive data and is likely driven by it being specifically recommended in Article 32 of GDPR as a method to protect personal data and in Article 34, where obligations towards breached data subjects are reduced where the breached data is encrypted.


GDPR is clearly making security a board level topic with the C-suite now owning the security budget in eighty six percent of the companies surveyed. Organisations are allocating just under a third (30%) of their IT budget to GDPR compliance, which is huge increase when considered against research commissioned by IBM in 2018 that set the ideal spend on cyber security, in general, at 9.8 to 13.7% of the IT budget.

 

However, despite last year’s survey finding that ninety eight percent of those who knew that GDPR applied to them forecasting a need to assign further budget and resources after achieving compliance, almost a quarter (24%) of this year’s respondents that claim to be in compliance, believe they do not need to assign any further budget or resources. 


Jon Fielding, Managing Director, EMEA Apricorn commented: “With the one year anniversary of GDPR this week, it’s clear that organisations are getting their houses in order, but there still seems to be a long way to go in terms of education and awareness. Organisations need to be mindful that GDPR is an ongoing process and not just a tick box exercise. The most common ways to maintain compliance are to continue to enforce and update all policies and invest in employee awareness on a regular basis. Additionally, encryption is a key component within the compliance “kit”, helping to lessen the probability of a breach and mitigate any financial penalties and obligations that would apply in the unfortunate event of a breach.”

Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Atos has launched Atos OneCloud Sovereign Shield, a set of solutions, methodologies, and...
New distribution agreement set to bolster Westcon-Comstor’s Zero Trust offering in more markets...
Research from Avast has found that employees in almost a third (31%) of Small and Medium...
This year, over half of MSPs or their end customers have been attacked by ransomware but only 53%...
Trend Micro has published new research revealing that 90% of IT decision makers claim their...
Cyber consultants call on businesses to act now, or risk budgets shrinking further in ‘real...