This week, Entrust issued the results of its 2019 Korea Encryption Trends Study from the Ponemon Institute. The report, which polled hundreds of South Korean respondents, was a mixed bag of positive and concerning developments.
In South Korea, only 37% of companies have an encryption strategy – a surprising number when considering South Korean organizations must adhere to one of the strictest data protection regulations in the world, the Personal Information Protection Act (PIPA). The finding is especially notable when compared to the global number (45%), Germany (67%), the United States (65%), Australia (51%), and the United Kingdom (50%).
But, there are also encouraging findings: As South Korean organizations adopt the public cloud, the IoT, and virtualized containers like Docker, they are also embracing encryption to protect their applications and sensitive information. Over two-thirds (67%) of South Korean organizations are transferring data to the cloud, which is driving both more encryption, and higher use of hardware security modules (HSMs) to protect encryption keys. Half (51%) of South Korean organizations are utilizing HSMs, a number that ranks above the global average.
Over half (53%) of the respondents use encryption to protect cloud gateways, and 40% to protect public cloud services. Over one-third (38%) use HSMs for public cloud encryption, and 41% plan to use HSMs for this purpose in the next 12 months. This is notable, especially when considering the global figure of 33%. Also significant are the 38% using encryption to protect IoT platforms and data repositories, and the 32% using encryption to protect IoT devices.
While the percentage of organizations embracing encryption may not be as high as expected, it’s evident South Korean organizations are attuned to the importance of protecting sensitive data. Almost three-fourths (70%) list the protection of intellectual property as the number one driver for implementing an encryption strategy, followed by protecting customer personal information (53%).
Ultimately, encryption usage is a clear indicator of a strong security posture. Organizations that deploy encryption are more aware of threats to sensitive and confidential information and are making a greater investment in IT security. As South Korean organizations continue to embrace established and emerging technologies, it’s reasonable to expect that investment will grow even larger.