“We need encryption! Make it end-to-end! Implement it everywhere!”
Sound familiar? These are the mandates that many CISOs are receiving right now. They’re coming from executive management teams that are alarmed by the rising tide of ransomware attacks, scrambling to address privacy pressures from customers and regulators, and wildly casting around for an easy, failsafe solution.
As is almost always the case in cyber security, CISOs know that no solution is completely infallible. Encryption can certainly be an asset, though. Used wisely, it can be a company’s best defence against unauthorised entry to corporate networks and theft of company and customer data.
And encryption has never been easier or more cost-effective to deploy. Many of the technology products in which our companies invest now come with default encryption settings included. Internal software engineers often incorporate encryption capabilities, too, when they’re developing new apps and services according to secure by design principles.
In short, encryption is a standard safety feature of many new software products, like airbags in a new car.
But is it easy? Is it foolproof? Absolutely not. CISOs…
