IT professionals in the Middle East are increasingly adopting encryption to protect customer personal information, driven by acceleration of digital initiatives such as cloud, the internet of things (IoT), and 5G networks, and rising data volumes and types. These are some of the findings from the 2020 Middle East Encryption Trends Study from the Ponemon Institute and Entrust, a leading global provider of trusted identities, payments and data protection.
Threats, drivers and priorities
Protecting consumer personal information is the top driver for deploying encryption in the Middle East region (67% of respondents), 13% higher than the global average. This outranks the need to protect intellectual property (59%), protect information against specific identified threats (40%) and comply with external privacy or data security regulations (34%).
Employee mistakes continue to be the biggest threat to sensitive data (60%) and significantly outweigh concerns over attacks by hackers (32%) or malicious insiders (19%), but the threats posed by hackers has increased signicantly from 25% in 2019.
Data discovery the number one challenge
With the proliferation of data from digital initiatives, cloud use, mobility, IoT devices and the advent of 5G networks, data discovery continues to be the biggest challenge in planning and executing a data encryption strategy, with 63% of respondents in the region citing this as their top concern, an increase from 58% last year. And that is likely to increase, with a pandemic-driven surge in employees working remotely, using data at home, creating extra copies on personal devices and cloud storage.
Blockchain, quantum and adoption of new encryption technologies
The study indicates that 78% of respondents in the Middle East have adopted an encryption strategy which is either enterprise-wide or limited to particular deployments. This is lower than the global average of 87%.
With encryption deployment a clear focus, how are organizations looking ahead? In the near term, 51% of respondents plan to use blockchain, with cryptocurrency/wallets and asset transactions cited at the top use cases. Other much-hyped encryption technologies are not on IT organizations’ near-term radar. Most IT professionals see the mainstream adoption of multi-party computation at least five years away, with mainstream adoption of homomorphic encryption more than six years away, and quantum resistant algorithms over eight years out, all of which are in line with global trends.
Trust, integrity, control
The use of hardware security modules (HSMs) continues to grow faster in the Middle East than in any other region. This year 68% of respondents reported using HSMs to protect their encryption keys (up from 50% in 2019), tied for the top region with Germany and the US.
HSM usage is no longer limited to traditional use cases such as public key infrastructure (PKI), databases, application and network encryption (TLS/SSL). The top use cases for HSMs in 2020 in the Middle East are public cloud encryption (47% - compared to 35% globally), application-level encryption (44%) and to protect administrative access to Privileged Access Management solutions (38% - the highest rate worldwide).