The Evolution of Encryption Adoption

We know that encryption is the best way to secure data. No other technology does more to secure sensitive, controlled, and private data than encryption. And currently, the best encryption algorithm available is Advanced Encryption Standard 256 (AES-256).

We also know that the world operates on data, and that data is primarily transacted within cyberspace. Over the last 30+ years, we have evolved from brick-and-mortar operations to cyber-operations. As a result of this evolution, we create, consume, and store more data than ever before.

Unfortunately, despite these facts, encryption technologies are poorly adopted. Based on recent reports, 7,000,000 unencrypted data records are compromised globally, every day1. That’s no surprise given that only 60% of enterprises worldwide indicate that encryption was “extensively employed on company backups and archives2 and only 42% of respondents use encryption to secure their customer data3.

So, why don’t we see greater adoption of encryption?

After all, encryption is the best technology for securing data. It doesn’t make sense that encryption isn’t the best-selling technology for securing data. Actually, with the exception of IBM, the top 10 cybersecurity companies to know in 2024 (according to eSecurity Planet) don’t even offer comprehensive data encryption solutions.

If data encryption is the best way to secure the data, why isn’t it more of a priority? The answer is simple. Data is fluid. Meaning we collect data to use it. We don’t (or shouldn’t) collect data just to store it. Even our back-ups and archives are fluid. As they need to accommodate create, read, update, and delete (CRUD) functionality, and they need to be audited and tested. All of these functions are dynamic, requiring the data to be accessible, flexible, and fluid.

Traditional encryption at rest and in transit just doesn’t support data fluidity. It’s very binary in the way it’s either encrypted (secure) or it’s decrypted (fully exposed). In order to meet the usage demand, the best practice is to unencrypt the encrypted dataset, move that plaintext dataset to memory (RAM, cache, CPU, storage, or a processing server), run your CRUD activity, then re-encrypt the data when finished. This takes time, additional resources, and needs to be planned. Unfortunately, that doesn’t align to our evolving data needs. As a result, we do not encrypt data because you can’t work with encrypted data, and we need immediate access to data.

Business and cybercrime have evolved, now encryption needs to evolve.

Defense-in-depth originally began with the data and moved out to the end user. But there were limitations in how we protected the core data (limited encryption capabilities). In addition, the business technology world evolved to meet our operational demands driven by dominant cyber-centric strategies, cloud adoption, globalization, scalability, and cyber-crime.

As we evolved, we pushed into a more network-centric cybersecurity strategy. We moved to keep the threat actors out of our expanding, complex networks. After-all, the data needs to be vulnerable to support CRUD activities such as basic customer service functions. We know we must be immediately responsive to customer demand.

A prime example of this is basic customer support. Representatives are located globally, ready to respond the any billing inquiry or account question. In order for any rep. to rapidly handle a customer’s need, the data must be readily available. No one is going to wait for a large database to be decrypted just so it can be queried or searched. That’s ludicrous.

That exposure to the data is referred to as “acceptable risk”. To protect it, the only recourse was to keep the threat actors away from the data. To keep them out of the network. But this has evolved to be way too complex and the threat actors know that you’ve got too many holes to plug. They thrive on the castle-and-moat strategy of security. This is undeniable as the cost of data breaches worldwide is $8 trillion, and rising.

Evolution over Change

We need to evolve our strategy. This isn’t a change, this is an evolutionary upgrade. Encryption has evolved so you can now search encrypted data and support your end users with immediate access to the data they need. Encrypted data can now support CRUD activity without ever decrypting the datasets first. Encryption technology has evolved to meet the new business and cybercrime environments.

Think of this as a new tool that you’ve never had access to. Being able to search encrypted data, without decrypting it first, is like upgrading from a fire bucket to a fire truck.

We understand that it’s new and some security experts will remain attached to what they already know (the bucket) because that’s where they’re most experienced; it’s what they understand. But it’s time to consider a new way to approach the growing data theft and ransom challenge—upgrade from the bucket to the fire truck). It’s time to leverage a better, more efficient tool to address the evolving fires.

Progress is impossible without change; and those who cannot change their minds cannot change anything. – George Bernard Shaw  

Paperclip realized about eight years ago that we needed a better tool. As a 32-year-old company, we’re constantly evolving and innovating solutions based on our clients’ needs. As a company that began in the digitization and content supply chain space, we have evolved to become an innovator in data security and content management.

As a result of our large client base, Paperclip is the custodian of terabytes of sensitive data—our client’s data. And all that data was fluid. It needed to be available, yet every time it was made available, it was exposed to risk. We had to think differently than we ever had before. At that moment, the Paperclip team had to change their mindset in how they approached the problem.

The encryption solutions and cybersecurity technologies available to us were inadequate and needed to evolve to meet the growing cybersecurity threat landscape. In other words, we only had a bucket in preparation to put out a possible inferno. This led to the creation of Paperclip SAFE® searchable encryption, the only always-encrypted data solution available today. After two years of research, four years of development, and two years of internal use, Paperclip introduced SAFE to the market in 2023.

Consider the questions below as you evaluate your current data security strategy and consider how to best evolve that strategy.

  • What if you got to build your cybersecurity environment from scratch—without stopping your operations? Would it look different than it does today?
  • Knowing that threat actors are highly innovative in their approach, would you choose innovation and evolution over yesterday’s traditional and standard solutions?

If your answer is yes to these questions, book an appointment to learn how SAFE can transform your data security.

 

Sources:

1 Varonis 2022 report on Data Security

2 Statista 2021

3Entrust 2021