Thales report: Only 30 percent of businesses in the Middle East have a comprehensive data encryption strategy

31

New study also probes external factors influencing encryption, cloud security practices

Philip Schreiber, Regional Sales Director for Thales e-Security MEASA

Dubai: Thales, a leader in critical information systems, cyber security and data security, announces the findings of the Middle East edition of its 2017 Global Encryption Trends Study. The report, issued in conjunction with the Ponemon Institute, investigates the encryption deployment plans of Middle East businesses, the decision makers responsible for setting encryption strategy, and the use of encryption to secure data within enterprise and cloud applications.

In the Middle East, only 30% respondents have a comprehensive encryption strategy – a number that stands in marked contrast to the global rate of 41%. At 33%, IT operations has the most influence in directing that strategy. This finding is also in contrast to the global figure, where for the first time in the history of the study, business unit leaders had the highest influence. Other critical findings demonstrate organizations show a preference for control over encryption in the cloud and are readily deploying hardware security modules (HSMs) to protect their data:

  • 60% of respondents take one of two routes: they either perform encryption on premise prior to sending data to the cloud, or encrypt in the cloud using keys they generate and manage on premise
  • Only 37% are willing to turn over complete control of keys and encryption processes to cloud providers
  • The overall HSM usage rate is 34% and the top deployment model for HSMs used with cloud applications is on-premise (49%)
  • The top two software-as-a-service (SaaS) applications that respondents currently encrypt with, or plan to encrypt with, are Microsoft Office 365 (50%) and Salesforce.com (38%)

Philip Schreiber, Regional Sales Director for Thales e-Security MEASA, says:

“As businesses the world over increasingly turn to cloud services, we’re seeing a rapid rise in sensitive or confidential data being transferred to the cloud and yet in the Middle East less than a third of respondents had an overall, consistently applied encryption strategy. Encryption is now widely accepted as best-practice for securing data and a good encryption strategy depends on well-implemented encryption and proper key management. Thales hardware security modules (HSMs) have provided reliable high-assurance key management for decades and this year’s study underscores their importance in securing a wide range of critical applications.”

Other key findings:

  • 30% are currently using or planning to use HSMs with Bring Your Own Key (BYOK) deployments, with 23% claiming the same for Cloud Access Security Broker (CASB) deployments. Usage of HSMs with CASBs is expected to almost double in the next 12 months (from 12 to 23%)
  • The top drivers for encryption are IP protection and protection of customer information. This is in contrast to the global data where compliance is, and historically always has been, the top driver for encryption. In the Middle East, compliance ranked 5th on the list at 28% (as compared to the global average of 55%)
  • Encryption use in the Middle East is highest for internet communications, databases, and laptop hard drives

Downloads: 2017-Global-Encryption-Trends-Middle-East-Edition-in

To learn more about Thales solutions, please stop by stand number D90 at the Gulf Information Security Expo and Conference (GISEC) at the Dubai World Trade Centre, UAE between 21-23 May.

The study is based on a survey of 316 individuals in Saudi Arabia and the United Arab Emirates to examine the use of encryption and its impact on the security posture of organisations. Almost half of those surveyed were at or above supervisory levels and 51 percent work in IT operations. Reflecting the diverse coverage of the study across multiple industries, 21 percent surveyed were in the energy and utilities industry, 16 percent in services and 13 percent in financial services.