Hong Kong is number one in Asia for enterprise encryption, with customer personal information the top data protection priority, reports nCipher Security
Encryption key management remains a critical challenge to effective data protection
nCipher Security, an Entrust Datacard company and world leader in hardware security modules (HSMs), today released its 2020 Hong Kong Encryption Trends Study, based on research by the Ponemon Institute. In adjusting to a “new work-from-home normal” as a result of the COVID-19 pandemic, most Hong Kong enterprises have accelerated digital initiatives. This brings even more attention to data protection and encryption strategies, with protection of customer information their number one priority. However many organizations face challenges deploying encryption technology.
Most Hong Kong enterprises have an encryption plan in place, but find it difficult to deploy technology and train users
Hong Kong adopts enterprise encryption at one of the highest rates among the global markets surveyed. 60% of Hong Kong companies surveyed say they have a consistent plan or strategy, well above the 48% global average.
Protecting personal customer information is the major driver behind data encryption adoption in Hong Kong. 72% of respondents see it as a priority, 18% higher than the global average. The second driver is intellectual property protection (70%), 18% higher than the global average. Compared to other markets, regulatory compliance mandates are of a lower priority, 17% below average.
Several types of data are encrypted at a much higher rate in Hong Kong compared to its global peers, including intellectual property (68% vs. 49% globally), healthcare information (66% vs. 25% globally) and customer data (52% vs. 44% globally).
Despite active data encryption by enterprises in Hong Kong, many respondents encounter difficulties in deployment (57%) and user training (24%) – both exceeding global averages. With the growing demand for cybersecurity skills, there is a real need for solutions to help ease the burden of deploying effective enterprise-wide encryption.
Effective encryption is increasingly essential, but key management is critical
The survey shows that rising encryption use intensifies key management challenges, with approximately 60% of Hong Kong firms finding encryption key management to be “very painful”. Reasons include no clear ownership (73%) and inadequate key management tools (57%). While 40% of respondents believe IT operations have the most influence in directing encryption strategies, nearly a quarter (23%) say no single function is responsible.
Looking ahead – cloud, blockchain, quantum and adoption of new encryption technologies
Cloud adoption dominates in Hong Kong with 81% of respondents either currently using cloud computing services with sensitive or confidential data, or planning to do so in the next 12-24 months.
While the surge in remote working has increased the risk of data exposure, how are organizations looking ahead? In the near term, over 70% of responding organizations plan to use blockchain, with asset transactions, cryptocurrency/wallets, identity, supply chain and smart contracts cited at the top use cases.
Other much-hyped technologies are not on Hong Kong IT organizations’ near-term radar. Most IT professionals see the mainstream adoption of multi-party computation at least five years away, with mainstream adoption of homomorphic encryption more than seven years away, and quantum resistant algorithms over eight years out, all of which are in line with global trends.
“Consumers expect brands to keep their data safe from breaches and have their best interests at heart. Our survey found that IT leaders are taking this seriously, with the protection of consumer data cited as a top driver of encryption growth,” says Dr Larry Ponemon, chairman and founder of Ponemon Institute. “Encryption use is at an all-time high right now, with 60% of respondents this year saying their organization has an encryption plan that is applied consistently across the entire enterprise, while a further 30% say they have a limited plan or strategy applied to certain applications and data types.”
“As the world becomes increasingly digitalized, the impact of the global pandemic highlights how critical security and identity have become for organizations and individuals, both at work and at home,” said Michael Tai, head of sales, Greater China, nCipher Security. “We are glad to see that Hong Kong is one of world leaders in adopting enterprise encryption, despite the challenges they face in terms of deployment and cybersecurity skills shortages.”
“Organizations are under relentless pressure to deliver high security and seamless access – protecting their customer data, business critical information and applications, while ensuring business continuity,” said Ian Christofis, managing principal consultant, nCipher Security. “nCipher empowers customers by providing a high assurance security foundation that ensures the integrity and trustworthiness of their data, applications and intellectual property.”
Other key findings from the Hong Kong Encryption Trends Study include:
- Employees are the highest threat to exposing sensitive data (50%), followed by hackers (34%) and system or process malfunction (30%).
- Intellectual property (68%), healthcare information (66%) and employee/HR records (57%) are most likely to be encrypted, and all at a rate higher than the global average.
- The least likely data to be encrypted is non-financial business information (27%).
- Despite 78% being aware of HSMs, only 34% of organizations use them, 14% lower than the global average.
- The most common HSM use cases are SSL/TLS (46%), and public cloud encryption, including Bring Your Own Key (BYOK), standing at 37% -- both similar to global averages.
- 76% of organizations plan to deploy HSMs for SSL/TLS in the next 12 months, the highest worldwide and 30% higher than the global average.
Download the 2020 Hong Kong Encryption Trends Study
2020 Hong Kong Encryption Trends Study methodology
The 2020 Hong Kong Encryption Trends Study surveyed 267 IT professionals in Hong Kong and is part of a larger global study, based on research by the Ponemon Institute. The report captures how organizations around the world are dealing with compliance, increased threats, and the implementation of encryption to protect their business critical information and applications.
6,457 IT professionals were surveyed across multiple industry sectors in 17 countries/regions: Australia, Brazil, France, Germany, India, Japan, Hong Kong, Mexico, the Middle East (which is a combination of respondents located in Saudi Arabia and the United Arab Emirates), the Russian Federation, Southeast Asia (Indonesia, Malaysia, Philippines, Thailand, and Vietnam), South Korea, Taiwan, the United Kingdom, the United States and two new regions for the first time, Netherlands and Sweden.