Entrust 2021 Mexico Encryption Trends Study Reveals Encryption Challenges And Resulting Data Exposure Risk
Conducted by the Ponemon Institute, the 16th annual study highlights regional adoption of enterprise-wide encryption helps meet data discovery requirements
In the face of increased threats from hackers and third-party service providers, half of all respondent organizations in Mexico report having experienced a data breach. However, the adoption of enterprise encryption strategies and HSMs lags behind global averages and has fallen since last year. This and other findings are highlighted in the Entrust 2021 Mexico Encryption Trends Study, part of the 16th annual multinational survey by the Ponemon Institute. The study reports on the cybersecurity challenges organizations face today, and how and why organizations deploy encryption.
Recommended AI News: Nuheara Lifts Revenue by 517% Through Data-Driven Campaigns
Identified threats and priorities
With half of respondents having experienced a data breach, it’s unsurprising that a high number (42%) rate hackers as a threat that might expose sensitive data, the highest rate globally and well above the global average of 29%.
Despite this concern, just a third (34%) of those organizations have a consistently applied encryption strategy, below this year’s global average of 50%. This lack of consistent adoption seems to be driven by challenges in discovering where sensitive data resides, which was cited as the biggest challenge when planning and executing an encryption strategy in Mexico – although the rate (51%) is below the global average (65%). The fastest-growing challenge is classifying which data to encrypt, which is up from 30% last year to 43% this year.
When it comes to what data is being encrypted, 55% of respondents in Mexico said their organizations are encrypting payment related data, while 46% of respondents say customer information is most often encrypted and 43% encrypt employee/HR data.
But encrypting this data requires managing encryption keys. For respondent organizations in Mexico, the pain associated with key management is increasing, with 62% reporting a high rate of overall pain associated with managing encryption keys. This is up from 61% last year and is higher than this year’s global average of 56%.
Recommended AI News: BlackBerry IVY to Provide Secure Vehicle-Based Payments
Furthermore, three quarters (76%) of respondents in Mexico rate lack of skilled personnel as a top reason that makes key management painful; this is the highest rate worldwide for the 3rd straight year. The second highest reason is no clear ownership, which was ranked by 51%. Additionally, training users to use encryption appropriately is rated as a greater challenge for those in Mexico than in other regions (19% vs. 14% globally), and has been higher than the global average for five straight years.
The growing role of hardware security modules (HSMs)
For the second straight year, when rating important features associated with encryption solutions, organizations in Mexico rank tamper resistance by dedicated hardware (e.g., HSM) at the highest rate worldwide (72% vs. 50% globally). However, the rates of hardware security module (HSM) adoption reported by respondents is low, with 31% of respondent organizations in Mexico using HSMs (vs. 49% globally).
The top HSM use case for respondents in Mexico is application-level encryption at 44%. This is up from 39% last year although lower than this year’s global average of 47%. The second highest HSM use case is container encryption/signing services at 41% (vs. 40% globally). When using HSMs to protect cloud applications organizations in Mexico (46%) show a higher preference than the global average (41%) to use HSMs they own and operate.
Over the next 12 months organizations anticipate greater use of HSMs for several use cases, including the already leading use case of application-level encryption being expected to increase from 44% to 60%. Big data encryption is expected to increase from 19% to 31%, while public cloud encryption including for Bring Your Own Key (BYOK) deployments is expected to increase from 16% to 29%.
“This year’s research shows that organizations in Mexico are facing challenges from every direction. From outside they appear to be facing a barrage of attacks from hackers and from the inside, when looking to adequately protect their data, they struggle to know what data to encrypt and where to find it,” said José Rivera, sales director, LATAM region, Entrust. “The third challenge for those in the region looks to be that of an acute skills shortage and as organizations across Mexico look to use encryption solutions as a key part of their data protection, they will need not just HSMs that offer scalability and tamper resistance to help manage their encryption keys, but also sourcing those HSMs from a trusted partner that can help provide the relevant skills and education needed to employ this technology as part of a consistent strategy throughout the business.”