Businesses really need to start encrypting their data, or face losing it

Padlock on wire mesh network and glowing particle data.
(Image credit: Getty Images)

A lack of encryption is the number one reason for businesses suffering the loss of sensitive data, new research has claimed. 

A study from Fortanix found a third (33%) of the nearly 400 IT and cybersecurity professionals it surveyed said that leaving data unencrypted was the main reason for its loss at their organization.

This is despite the fact that 90% agree encryption is a good thing for their overall security. The survey also found that many organizations want to encrypt their data but are unsure how to go about it, due to a lack of staff with the expertise and skills to use encryption software, leading to uncertainty about when and where to apply it.

Positive signs

This was apparently the most difficult aspect for tech professionals to determine, with Fortanix concluding that this indicates "the need for solutions that provide consolidated discovery and assessment of cryptographic keys across hybrid, multicloud environments."

However, the news isn't all bad: the study also found more than 80% of organizations have implemented - or plan to implement - zero trust technology. 81% of respondents also said their organizations have dedicated teams in place for handling encryption. 

In addition, key management systems, data loss prevention, and hardware security modules were found to be the top three technologies used to secure an organization's data. 

And although only 24% have a unified key management system in place currently, more and more are expected to adopt one, with 50% looking to do this soon. On the other hand, federated key management is set to decline from 74% down to 47%.

Organizations are also looking to future proof their data protection; 76% of respondents are aware of post-quantum cryptography (PQC), with 14% already using it and 37% testing it out. However, cost and staffing are the main factors currently hampering its wider adoption. 

Fortanix CEO Anand Kashyap commented on the findings that, "most enterprises lack complete control over encryption keys, creating significant risk. It's paramount these organizations adopt a paradigm shift towards a data-centric security strategy with full visibility and control over their encryption assets."

Senior Analyst Jack Poller also added that, "while it's a positive sign that most have confidence in encryption technologies, many don’t know how to implement it in a way that addresses their specific needs. It's apparent that these organizations need to invest in education, staffing, and solutions to get them where they need to be." 


Lewis Maddison
Staff Writer

Lewis Maddison is a Staff Writer at TechRadar Pro. His area of expertise is online security and protection, which includes tools and software such as password managers. 

His coverage also focuses on the usage habits of technology in both personal and professional settings - particularly its relation to social and cultural issues - and revels in uncovering stories that might not otherwise see the light of day.

He has a BA in Philosophy from the University of London, with a year spent studying abroad in the sunny climes of Malta.