The digital landscape has changed in profound ways over the past year, and the pace of change isn’t likely to slow down any time soon. So there is no better time to look deeper into the changing threat landscape and solutions highlighted in the Entrust 2021 Hong Kong Encryption Trends Study, part of the 16th annual multinational survey by the Ponemon Institute. The study reports on the cybersecurity challenges organisations face today, and how and why organisations deploy encryption.
Identified threats and priorities
More than half (54%) of Hong Kong enterprises report having consistently applied encryption strategies, well ahead of the global average (50%) for the second year running. This is not surprising, with a fast-rising number of IT professionals in Hong Kong citing compliance with external privacy or data security regulations (39% from 30% last year) as driving their encryption use, the second fastest growth worldwide in the survey.
When it comes to selecting encryption tools, organisations in Hong Kong seek out a few specific features more than the global averages. Most notably, more than three-quarters of respondents say they want encryption tools that are scalable, and they also show a strong preference for products that offer hardware-based tamper resistance, such as hardware security modules (HSMs).
However, the rapid rise of encryption tools and applications comes at a price. On average, organisations reported having eight different products that perform encryption. We see this pain point when talking with our customers — there are many good tools, but not enough people to use, learn, and implement them to avoid exposing the sensitive data they are protecting in the first place.
The pain of encryption: the key management problem
Perhaps not surprisingly given the high rate of enterprise encryption adoption, two-thirds of organisations in Hong Kong rate their level of key management pain as a 7 or higher (out of 10). This is up from 61% last year and higher than this year’s global average of 56%, but the next step is locating the source of the pain.
Three-quarters of organisations say that it is concerns about ownership that make key management painful. That’s 10% above the global average and this is the second straight year it’s been the top reason in Hong Kong. Also, well over half (58%) of respondents say that key management tools are inadequate, and more than half say that systems are isolated and fragmented, both of these being above the global average.
The rise of the hardware security module (HSM) solution
To solve the issue of effective encryption with painless key management, more organisations in Hong Kong are deploying hardware security modules (HSMs).
Four out of ten of organisations in Hong Kong use HSMs, up from 34% last year. Although this is lower than the global adoption rate of 49%, it represents the second highest growth from the regions surveyed since last year showing that the many benefits of HSMs, especially in the role of key management, are being recognized in the region.
Other use cases for HSMs continue to grow, in some cases very significantly. Over the next 12 months, organisations anticipate greater use of HSMs for several use cases, led by TLS/SSL going from 38% to 78% year over year, the largest expected increase of any use case. Other leading use cases include database encryption (increasing from 25% to 45%), blockchain applications (from 13% to 30%) and payment transaction processing or payment credential issuing/provisioning (expected to increase from 26% to 40%).
The way forward
Best practices, more than ever, need to focus not just on effective encryption, but also securing an organisations encryption and signing keys. It is clear that Hong Kong enterprises are doing whatever they can to simplify their encryption strategy, mitigate manual process where mistakes can often be mange, and having a genuine focus to do encryption right is a huge step forward to protecting enterprises’ data against attacks, misuse, and breaches.
However, these strategies in themselves bring forward new challenges associated with discovering where sensitive data resides, effective deployment of encryption technology, and resolving the pain of key ownership and inadequate key management tools.
As they deploy encryption for databases, containers and cloud applications, organisations in the region seek encryption solutions that offer scalability, tamper resistance with an HSM, but as cloud use increases, organisations prefer to own and manage the HSMs used to protect cloud applications.