Research Report on global encryption technology trends in 2021 From Ponemon

Ponemon Institute is a professional research center in the United States dedicated to privacy, data protection and information security policy. It publishes professional reports on network security every year. In 2021, Ponemon Institute surveyed 6610 individuals in 17 countries and regions, including Australia, Brazil, France, Germany, India, Japan and Mexico, to analyze how the application of encryption technology has evolved over the past 16 years and how encryption affects the security posture of organizations. The first encryption trend study was conducted on a sample of respondents in the United States in 2005. After that, Ponemon Institute expanded the research scope and extended the time span to 2020, and the study has become an important reference for the global encryption trend. Unfortunately, the sample data of the report do not cover mainland China. This article therefore analyzes the application of encryption technology abroad, compares it with the application status of encryption technology in China, explores the development trend of China's cryptographic industry, and offers a reference for cryptographic and data security service providers and for enterprises with related needs.
1. The application layer is the focus of data security protection
From the perspective of data flow, data carries the most value in the application layer, so the focus of encryption protection lies there. The current IT architecture of an enterprise includes several levels, such as infrastructure, software platform and business application. Enterprise data flows between these levels to enable interconnection and sharing and to create value for the enterprise. The further up the data flows, the more value it carries. In the infrastructure layer, data is binary with no business meaning; in the software platform layer, it takes the form of various file formats; in the business application layer, it has rich business meaning. According to the survey results, deploying security modules in the application layer has become a common choice for many enterprises, which shows that application-layer encryption is becoming a consensus in many countries around the world. At the same time, the technology for application-layer encryption is becoming more complete and mature.
2. The biggest threat source of sensitive data: personnel management
The most significant threat to sensitive or confidential data is employee error. Similar threat sources include temporary or contract employees and malicious insiders, all of which are personnel management issues. First, it is suggested that enterprises strengthen personnel management, standardize how personnel operate, and reinforce their sense of responsibility for data security protection. In addition, with the release of the second review drafts of the Data Security Law (Draft) and the Personal Information Protection Law (Draft), data protection will increasingly have "laws to follow". Enterprises can strengthen "law popularization" education for employees and reduce their "compliance risk". Finally, from a technical point of view, enterprises can combine data encryption with security technologies such as permission control and desensitization, so that rights and responsibilities can be traced to individuals and the possibility of important data leaking is reduced at the level of the technical architecture.
3. Key encryption features: performance, key management, compliance
System performance and latency, key management, and policy enforcement are the three most important features of an encryption solution. Performance and latency problems can be avoided with high-performance cryptography, so that efficiency and user experience are not affected once encryption is in use. Key management can be handled by a professional, intelligent management system, which should provide secure key storage, random number generation, a three-tier key hierarchy, key management, log audit and so on. Policy enforcement is a compliance issue. As laws and regulations on data security protection improve, compliant enterprise data encryption is becoming a requirement in many countries. For example, in mainland China, encryption schemes or products should preferably support SM-series algorithms to meet the cryptographic compliance requirements in ISO 2.0, GB/T 39786 and other confidentiality evaluation specifications. In addition, an excellent encryption solution should require no redevelopment or modification of existing applications and should offer fine-grained access control, integrated cryptographic control and audit, and compatibility with a wide range of database types.
4. Data discovery is the biggest challenge of encryption policy implementation
The biggest obstacle to the successful implementation of an encryption policy is "how to find the location of sensitive data in the organization". 65% of respondents said that finding where sensitive data resides in the organization is the first challenge, which mainly concerns the discovery and classification of the enterprise's important data assets. Relying solely on manual screening to discover sensitive data is time-consuming and laborious, and may also miss key information. Therefore, a "sensitive data intelligent discovery platform" can be established to address the difficulty of discovering important enterprise data through technical means such as "intelligent positioning of sensitive data distribution", "dynamic monitoring of sensitive data" and "classification and grading of sensitive data". Then, following the regulations and standards of the relevant industries and the characteristics of the industry, the enterprise can systematically sort out its data, determine sensitivity levels such as public, private and confidential according to the grading elements, scope of impact, affected parties and degree of impact, and classify data of different levels to ensure standardized sharing and efficient use.
5. Key management can be optimized from two aspects: system and technology
How painful is key management? On average, 56% of respondents considered key management very painful; the highest figure, 69%, was reported in Spain and the lowest, 37%, in France. According to the data, there are three main reasons why key management is difficult: (1) there is no clear division of responsibilities for key management functions; (2) there is a lack of professional technicians; (3) the key management systems are isolated or fragmented. Enterprises can address these problems from two sides. First, in terms of key management, establish clear job responsibilities and assign the relevant personnel to form a professional key management system. Second, in terms of the key management system, adopt or develop a more professional and systematic key management platform or product to provide key management services. Its life cycle management functions include key generation, key storage, key distribution, key backup, key update, key revocation, key archiving, key recovery and security management. The platform or product is recommended to have features such as "supporting the KMIP protocol", "business-based key use audit", "providing a variety of application-level interfaces", "compatible with all kinds of ciphers" and "convenient and easy-to-use maintenance and diagnosis technology".
6. How to ensure the security of cloud data?
With the popularity of the cloud, the traditional IT architecture is changing. Many enterprise business systems are hosted with cloud service providers, and many daily tasks, such as HR, social security, reimbursement, OA and other administrative work, have corresponding SaaS services that can be adopted. Cloud computing has many advantages, but because the data physically resides with the cloud service provider (CSP) and is not directly controlled by the data owner, it faces certain security threats. In the survey, 60% of the respondents said that their organizations choose to transmit sensitive or confidential data to the cloud regardless of whether they use other technical means for encryption protection. Another 24% of the respondents expect to transmit data to the cloud in the next one to two years. These findings indicate that the benefits of cloud computing outweigh the risks of transmitting sensitive or confidential data to the cloud, but how to ensure the security of cloud data is still a challenge.
The three most important features of cloud encryption are support for the KMIP standard for key management (59% of respondents), SIEM integration with log visualization and analysis (59% of respondents), and access control granularity (55% of respondents). KMIP provides a standard way for encryption systems and key management systems to communicate. With a key manager that implements the KMIP standard, enterprises or organizations can use a single centralized platform to manage the keys of encryption technologies from different suppliers and unify key management strategy and workflow. SIEM integration and log visualization and analysis mainly serve event analysis and traceability after an information disclosure. Encryption schemes are recommended to support log management, visual display of the key life cycle, and independently deployable data access audit, so as to achieve effective log management, situation analysis and traceability after information leakage. In terms of access control granularity, the encryption scheme can be designed based on B / architecture, set the encryption and decryption permission rules through a visual management console, provide security audit for structured data, and offer the security capability of "subject down to the application user, object down to the field level", so that internal personnel are granted only the minimum necessary access to sensitive data.
7. A systematic encryption strategy has gradually become a hard requirement for enterprises
A systematic encryption policy is becoming a necessary option for enterprises and organizations. Since the research was carried out in 2006, the number of organizations that systematically adopt an encryption strategy in enterprise management has increased steadily. Conversely, the proportion of organizations without encryption plans or policies has decreased year by year. By 2021, the share of companies adopting a systematic encryption strategy was close to 50%. It can be predicted that this proportion will continue to grow in the next five years or even longer. According to relevant statistics (this data comes from "Internet Security internal reference"), the scale of global cyber attacks in 2020 increased rapidly compared with 2019. A total of 3932 security breaches were publicly reported within the year, with 37 billion leaked data records, compared with 15.1 billion in 2019. Many enterprises and organizations paid a heavy price for this. To effectively curb the growth of data leakage events and meet the data security needs of enterprises and organizations, a systematic encryption strategy is becoming a hard requirement for enterprises.
8. Policy compliance helps implement encryption applications
Encryption strategies are most popular in Germany and the United States. In the countries represented by this study, the average adoption rate of encryption strategies is about 50%, and the popularity of enterprise encryption strategies varies by country. Germany, the United States, Japan and the Netherlands report the highest adoption of enterprise encryption strategies. Respondents in Russia and Brazil reported the lowest adoption of corporate encryption strategies. By comparison, in mainland China, especially during the 13th Five-Year Plan period, the network security industry has made positive progress. In 2020, the industrial scale is expected to exceed 170 billion yuan (this data comes from the People's Daily). More and more enterprises are beginning to take the initiative to adopt data security services, and the relevant encryption strategies and technologies are constantly being upgraded and iterated. The latest "14th Five-Year Plan" continues the state's attention to "security construction" and puts forward "overall development and security, building a higher level of safe China". We judge that policy will continue to support the promotion and application of encryption strategies and technologies in the next five years or even longer.
9. User, enterprise and policy driven data encryption
The main driving force of encryption comes from three aspects: protection of customers' sensitive information, protection of the enterprise's important data, and policy compliance. With the rise of the Internet industry and the continuous development of big data and artificial intelligence, personal information is left "streaking", that is, exposed without protection, from time to time at home and abroad, and enterprises' demand for encrypting customer and user data is increasing. According to the analysis of the research results, the significant threats to sensitive or confidential data can be divided into three aspects: customer sensitive information protection, enterprise important data protection, and policy compliance. Customer sensitive information represents the basic rights and interests of customers. Once leaked, it threatens customers' privacy and property security. The important data of the enterprise represents its core interests. Once the data is obtained by competitors, the enterprise may be put in a passive position in commercial competition. Policy compliance reflects the attention governments pay to data security and how they manage it. The frequent occurrence of data leakage and similar events is clearly not conducive to the healthy development of society. Whether from the perspective of customers, the interests of the enterprise itself, or national policy, encrypting and protecting important data is both necessary and forward-looking.
10. There is still great potential in the data security market
Encryption is being accelerated in most industries. The results show that, except for communication, service and a few other industries, encryption applications are growing steadily in most industries, with significant growth in IT, transportation, medical and health care, manufacturing, hotel, education, retail, consumer goods, public services and other industries. In mainland China, data security is likewise being implemented in IT, transportation, medical care, manufacturing, hotel, education, retail and other fields. The state is paying more attention to data security protection. The data security market as a whole has great potential, and it is basically consistent with the application trend of encryption across industries globally. We believe that the scale of the data security industry in the mainland will show steady growth for a long time to come and will cover more industries, which is good for data security service providers.
At present, digitization is developing and spreading rapidly all over the world. On the one hand, it improves customer satisfaction and operational efficiency and creates a competitive advantage; at the same time, it increases security risks. No enterprise or organization in the world can "survive" under this wave. It is suggested that enterprises actively embrace data security protection and improve their ability to protect important data, their level of employee management and their compliance. Data security service providers can continuously build up their technical reserves, keep exploring new protection concepts, contribute to enterprise data security protection through high-quality products or platforms, and contribute to national security development.