Less than a third of security pros confident in encryption protections
Less than a third of cyber security professionals have high confidence in their organisations’ ability to secure and protect encrypted communications, according to a new report.
A survey of RSA Conference attendees by Venafi found that just 29 per cent of those in the industry have a high level of confidence in their use of encryption.
72 per cent of the security professionals questioned said data privacy is a priority for them, while 71 per cent said their organisations take the same standpoint.
As such, two thirds said their firms are considering increasing their use of encryption, but low levels of confidence in the security of these communications could undermine these efforts.
- Consumers don’t trust firms with their data – but take risks at home
- Consumers ‘willing to pay providers for all-in-one mobile security’
- Graduate talent overlooked as UK nears cyber skills ‘cliff edge’
- WordPress: A million sites defaced in attacker ‘feeding frenzy’
- IT departments struggling to keep the cloud secure, report finds
32 per cent of those surveyed said they are not confident, or have only 50 per cent confidence, in their organisations’ ability to secure and protect encrypted communications.
Seven per cent said they have no idea if their firms can protect encrypted communications, and 72 per cent said they are more concerned about encryption backdoors today than they were a year ago – a change the report attributed to “recent global geopolitical changes”.
“Encryption plays a fundamental role in data privacy, whether it’s protecting data from hackers or governments,” said Paul Turner, CTO for server products at Venafi.
“The challenges organisations are already facing in managing and securing encryption keys, combined with concerns about the integrity and strength of encryption implementations, is undermining confidence in the privacy and security of data.”
Security experts have been vocal in their criticism of the UK government’s Snooper’s Charter, which threatens to force technology companies to install backdoors in their encryption.
“If governments get the master god key that allows them to take control of these communications, they have the power to bend the machines to their will and access whatever data they want,” Venafi chief security strategist Kevin Bocek told Business Reporter. “But can governments really be trusted to look after the god key given past experience?”