Optimize encryption and key management in 2024 | TechTarget (2024)


Enterprise Strategy Group research highlighted the encryption challenges enterprises face, including lack of encryption, cryptographic infrastructure inadequacies and more.

As enterprise data volume growth accelerates and organizations deploy new applications to support business initiatives, the need to secure sensitive data becomes more critical. Encryption remains a critical component of data security, but not every organization is prepared to handle the ins and outs of encryption.

New research on encryption and key management from TechTarget's Enterprise Strategy Group revealed how enterprises secure their on-premises and cloud data stores. Here are some key takeaways to help organizations optimize their encryption strategy for better security.

Encryption is a strategic security activity with increasing budgets

The research showed that nearly three-quarters of organizations have adopted a formal cryptographic program. Furthermore, more than eight in 10 organizations have a team or at least an individual dedicated to encryption, key management and certificate management. The majority of respondents said these individuals or teams directly report to the C-suite.

In addition to encryption being a strategic initiative, spending is expected to increase. Nearly nine in 10 organizations said they expect to increase their spending on encryption technologies relative to other areas of cybersecurity in the next 12 months, with almost a third classifying this increase as significant.

Recognizing that encryption, especially migrating to post-quantum cryptography, needs to be uniformly implemented organization-wide for the optimal security outcomes, many organizations said they are shifting their key management strategies.

Lack of encryption is a primary contributor to data loss

One in five respondents said their organization lost sensitive data in the last 12 months, though of greater concern are the 26% who suspected their organizations had lost sensitive data but don't know for sure because they don't have the tooling or expertise to find out.

The most common culprits behind these sensitive data-loss events include not encrypting sensitive data in a timely manner and malicious actors exfiltrating unencrypted data, which speaks to poor access controls. Other policy shortfalls included incorrect or insufficient security policies, unsanctioned applications and shadow data, and undersized encryption keys.

Cryptographic teams struggle with operational issues

Organizations migrating cryptographic infrastructure to the cloud struggle with internal operating issues. Most notably, more than a quarter of organizations cited a lack of sufficient cybersecurity staff. Other common challenges included expense and budget issues, the complexity and effort required, and relegating encryption due to other priorities.

To operate properly, cryptographic infrastructure must interoperate with myriad devices, systems and applications throughout the ever-more complex IT environment.

Data discovery and categorization are needed

While the survey results showed organizations have confidence in the location of their data, respondents indicated they attributed past loss of sensitive data to undiscovered shadow data. Specifically, 94% of respondents said they were mostly or completely confident in their organization's ability to discover and identify sensitive data. However, 18% of organizations attributed a sensitive data-loss event within the past year to undiscovered shadow data, and 27% said they lost data due to shadow apps and services.

These dynamics tie back to Enterprise Strategy Group's 2024 Technology Spending Intentions Survey, which showed data security posture management on the top 10 list for privacy and protection technologies for 2024. Sensitive data stores are growing with the increase of cloud-resident workloads, and encryption teams struggle to identify sensitive data flows to secure them.

Upping your encryption game in 2024

The future for encryption and key management lies in efficiency and optimization. Data security in the form of encryption and key management is an essential pillar in any organization's data security strategy. It protects sensitive data, helps ensure regulatory compliance, and meets contractual and data governance obligations across both on-premises and cloud infrastructure.

Security teams are under pressure to improve efficiency and deliver more, frequently without commensurate resources. The survey results speak to rationalizing, updating and optimizing an organization's encryption strategy to make the most of its investments. In the balance between pools of encryption technology vs. consolidated platforms, enterprises expect to move toward the latter that provide unified key management.

Todd Thiemann is a senior analyst covering identity access management and data security for TechTarget's Enterprise Research Group. He has more than 20 years of experience in cybersecurity marketing and strategy.

Enterprise Strategy Group is a division of TechTarget. Its analysts have business relationships with technology vendors.

Related Resources

Dig Deeper on Data security and privacy

  • cryptanalysisBy: TechTargetContributor
  • cryptographyBy: KathleenRichards
  • encryptionBy: RobertSheldon
  • communications security (COMSEC)By: PaulKirvan
Optimize encryption and key management in 2024 | TechTarget (2024)


Optimize encryption and key management in 2024 | TechTarget? ›

Upping your encryption game in 2024

What is encryption key management? ›

Encryption key management is the administration of policies and procedures for protecting, storing, organizing, and distributing encryption keys. Encryption keys (also called cryptographic keys) are the strings of bits generated to encode and decode data and voice transmissions.

What are some of the latest advances in encryption technology? ›

What are the most exciting developments in encryption technology?
  • Quantum encryption. Be the first to add your personal experience.
  • hom*omorphic encryption.
  • Post-quantum encryption. ...
  • Attribute-based encryption. ...
  • Fully encrypted databases.
  • Blockchain encryption.
  • Here's what else to consider.
Nov 8, 2023

Why is key management important in cryptography? ›

Key management forms the basis of all data security. Data is encrypted and decrypted via the use of encryption keys, which means the loss or compromise of any encryption key would invalidate the data security measures put into place. Keys also ensure the safe transmission of data across an Internet connection.

What is key management in cloud computing? ›

A cloud-hosted key management service that lets you manage symmetric and asymmetric cryptographic keys for your cloud services the same way you do on-premises. You can generate, use, rotate, and destroy AES256, RSA 2048, RSA 3072, RSA 4096, EC P256, and EC P384 cryptographic keys.

What are the 3 types of encryption keys? ›

3 Types of Encryption to Protect Your Data
  • Symmetric. The symmetric encryption method uses a single key both to encrypt and decrypt the data. ...
  • Asymmetric. The second major encryption method is asymmetric encryption, also sometimes known as public key encryption. ...
  • Hashing.

What are the two different types of keys that manage most encryption? ›

Symmetric vs Asymmetric Encryption

Asymmetric and symmetric encryption are two primary techniques used to secure data. Symmetric encryption uses the same key for both encryption and decryption, while asymmetric encryption uses a pair of keys: a public key for encryption and a private key for decryption.

What is the strongest encryption in the world? ›

AES 256-bit encryption is the strongest and most robust encryption standard that is commercially available today. While it is theoretically true that AES 256-bit encryption is harder to crack than AES 128-bit encryption, AES 128-bit encryption has never been cracked.

What is the best encryption technology right now? ›

Best Encryption Algorithms
  • AES. The Advanced Encryption Standard (AES) is the trusted standard algorithm used by the United States government, as well as other organizations. ...
  • Triple DES. ...
  • RSA. ...
  • Blowfish. ...
  • Twofish. ...
  • Rivest-Shamir-Adleman (RSA).

What is the future enhancement of encryption? ›

hom*omorphic encryption is another exciting development in the world of data security and is often regarded as the future of encryption. In simple terms, it allows computations to be performed directly on encrypted data, without the need for decryption first.

Why is key management difficult? ›

Lack of Control

Another challenge is the creation of weak keys with lower bit-length or outdated algorithms, which makes systems more susceptible to attacks. Mitigating these risks requires well-defined processes and standardization in key creation, deployment, rotation, and revocation.

What is the key management lifecycle? ›

Key Lifecycle Management includes creating, maintaining, protecting, and deleting cryptographic keys. Keys expire or become vulnerable over a period. Their shelf life decreases because of continuous usage and an increased number of authorized users.

Who should hold encryption keys? ›

"The data owner himself, herself or itself should always handle encryption keys." In short, the answer to that query should always be the data owner himself, herself or itself, but that is not usually the case.

What is AWS key management? ›

AWS Key Management Service (AWS KMS) is a managed service that makes it easy for you to create and control the cryptographic keys that are used to protect your data. AWS KMS uses hardware security modules (HSM) to protect and validate your AWS KMS keys under the FIPS 140-2 Cryptographic Module Validation Program .

What is key management tool? ›

A system for the management of cryptographic keys and their metadata (e.g., generation, distribution, storage, backup, archive, recovery, use, revocation, and destruction). An automated key management system may be used to oversee, automate, and secure the key management process. Sources: NIST SP 800-57 Part 1 Rev.

What is key management vs PKI? ›

PKI has protocols and guidelines for dealing with certificate life cycles, but a KMS actually implements life cycle management for specific keys for a specific organization using PKI standards. Key management concerns keys at the user level, either between users or systems.

What is an encryption key example? ›

Keys in early forms of encryption

"Ifmmp" looks like a nonsensical string of letters, but if someone knows the key, they can substitute the proper letters and decrypt the message as "Hello." For this example, the key is (letter) - 1, moving each letter down one spot in the alphabet to arrive at the real letter.

What are encryption keys and how do they work? ›

Encryption keys are strings of information (bits) that are used by cryptographic algorithms to encode (encrypt) and decode (decrypt) data. Encrypted data is unreadable without proper decoding, thus making it highly secure and difficult for hackers to compromise.

What is the difference between master key and encryption key? ›

The master keys are used only to encipher and decipher keys. Other keys also encipher and decipher keys and are mostly used to protect cryptographic keys you transmit on external links. These keys, while on the system, are also encrypted under the master keys. Data-encrypting keys are used to protect data privacy.

What is the key management lifecycle of encryption? ›

Key Lifecycle Management includes creating, maintaining, protecting, and deleting cryptographic keys. Keys expire or become vulnerable over a period. Their shelf life decreases because of continuous usage and an increased number of authorized users.


Top Articles
Latest Posts
Article information

Author: Sen. Emmett Berge

Last Updated:

Views: 5902

Rating: 5 / 5 (60 voted)

Reviews: 91% of readers found this page helpful

Author information

Name: Sen. Emmett Berge

Birthday: 1993-06-17

Address: 787 Elvis Divide, Port Brice, OH 24507-6802

Phone: +9779049645255

Job: Senior Healthcare Specialist

Hobby: Cycling, Model building, Kitesurfing, Origami, Lapidary, Dance, Basketball

Introduction: My name is Sen. Emmett Berge, I am a funny, vast, charming, courageous, enthusiastic, jolly, famous person who loves writing and wants to share my knowledge and understanding with you.