Thales e-Security News Release

Middle East businesses at increased risk of cyber-attack, with only 34 per cent implementing a consistent data encryption strategy, reveals Thales study

Encryption growth in Middle East highest for cloud technologies, including private cloud and docker

Thales, a leader in critical information systems, cybersecurity and data security, announces the results of the Middle East edition of its 2018 Global Encryption Trends Study. The report, based on independent research by the Ponemon Institute and sponsored by Thales, explores encryption deployment trends in the Middle East, strategy and adoption of encryption to secure data within cloud applications, as well as threats, main drivers and priorities for the industry.

Only 34% of respondents in the Middle East reported that their organization has an encryption strategy applied consistently across their enterprise. This places the Middle East among the three lowest ranking countries, alongside Mexico (30%) and Russia (31%), and 9% below the global average of 43%. Nevertheless, the region is seeing growing adoption of encryption strategies, with an increase of +7% since 2016. IT operations are most influential in framing the direction of encryption strategy, at 32%.

At 55% and 51% respectively, employee/HR data and financial records are the two most commonly encrypted data types in this region. Interestingly, customer information has shown the sharpest increase over the past three years, rising from 25% two years ago to 41% this year. Organisations in the region continue to demonstrate a preference for control over encryption in the cloud and are actively implementing hardware security modules (HSMs) to safeguard their data against increasing security threats. The report also highlights the Middle East as a leader for HSM deployment across new applications including IoT, Cloud Access Security Brokers (CASBs) and blockchain, with the region ranking higher than the global average.

Among the findings:

  • 81% of respondents either use the cloud for sensitive/non-sensitive applications and data today, or will do so in the next 12-24 months
  • 55% of respondents are using more than one public cloud provider, and 74% plan to do so in the next two years
  • The most significant threat to sensitive data is employee mistakes, topping the list at 55% and significantly outweighing concerns over actual attacks by malicious insiders
  • Businesses in the region view HSMs as increasingly important to an encryption and key management strategy – rated as either very important or important today by 56% of respondents, and by 63% of respondents over the next 12 months
  • The majority of organisations (51%) will only use keys for data-at-rest encryption that they control

Philip Schreiber, Regional Sales Director MEASA for Thales eSecurity said: “The Middle East is one of the most highly digitised regions in the world, making it extremely vulnerable to cybersecurity threats. Despite a sharp increase in the migration of sensitive data to the cloud, still just 36% of respondents in the Middle East had a consistent encryption strategy in place. Encryption strategy, coupled with hardware tools such as HSMs and proper key management, is vital to protecting sensitive data against cyber criminals and guarding against human error. Whilst we saw a marginal increase this year in its implementation, it’s clear there’s still a lot of improvement needed in this region to safeguard critical applications.”

Other key findings:

  • Encryption use in the Middle East over the past 12 months has seen the most significant growth for private cloud infrastructure (+17%), docker containers (+8%) and backups/archives (+8%)
  • 37% of organisations are currently using or planning to use HSMs for public cloud encryption including Bring Your Own Key (BYOK), followed by application level encryption (35%) and database encryption (32%)
  • Once again, the primary drivers for encrypting data in the Middle East are intellectual property (IP) protection and protection of customer information.
  • For organizations in the Middle East the importance of encryption solutions that support both cloud and on premises deployments rose in importance by 18% over last year, demonstrating how organizations are looking to simplify their encryption and key management deployments.

The Middle East Encryption Trends Study part of the 2018 Global Encryption Trends Study which is now in its thirteenth year. The Ponemon Institute surveyed more than 5,000 people across multiple industry sectors in the United States, United Kingdom, Germany, France, Australia, Japan, Brazil, the Russian Federation, Mexico, India, Saudi Arabia, the United Arab Emirates, and Korea.

The new 2018 Middle East Encryption Trends Study can be downloaded here.