The quicker an organization digitally transforms, the more susceptible it can be to a breach.
In 2019, the Thales Data Threat report found that data risk escalates as the intensity of digital transformation increases. Aggressive digital transformation, for example, is 13% riskier than ad-hoc transformation. The risk comes with the territory.
“It’s common. If you’re trying to extract value and be a pioneer, you’re likely to forget some things and have more attack vectors,” said Tim Reilly, CEO of Zettaset, a security solutions provider. Reilly spoke at GovLoop’s virtual summit “Gov’s Top Trends 2021: How Tech & Management Support Mission Critical Work.”
The increased risk may be a little concerning for agencies trying to digitally transform, adopting technologies such as containers, which are flexible bundles of applications and data that enable IT agility. In a world where data has grown about 430% in the past decade, can agencies secure their data goods and lower their risk effectively?
The answer, Reilly said, lies in encryption.
There are many legs to the stool of cybersecurity, but encryption is a key, rather underused, solution. A recent Zettaset survey found that 92% of respondents plan on using sensitive data for digital transformation technologies such as containers and cloud, but only 33% use encryption within these technologies.
This can pose a problem if, for example, bad actors get past authentication, gain access to the environment and reach the data. What is the last line of defense? Encryption. Encryption converts the original data into an indecipherable form and hides the key that will decrypt this form so bad actors can’t exfiltrate it.
Encryption can secure the data, but could it slow down performance? According to the Ponemon Institute’s 2020 Global Encryption Trends Study, system latency is the top reason why organizations do not broadly adopt encryption.
With the right data encryption however, organizations do not have to worry about latency. Reilly said to think about it this way: There are three kinds of encryption. Self-encrypting drives is like a key that unlocks the whole beach. On the other hand, file encryption is like a key that unlocks a grain of sand. Organizations want something in the middle, like full disk encryption software that unlocks different buckets of sand. This last data encryption solution allows minimal performance impact without compromising data security.
“Data will always be exposed as new technology arises, and you have to be able to protect it,” Reilly said.
This online training was brought to you by: