Danger! Outdated Encryption
Added Monday 25 April 2016
Many businesses today are still dependent on encryption standards that date back to the late 1990s. These standards are now considered insufficient for protecting sensitive, confidential or private data according to the National Institute of Standards and Technology.
In a new report titled ‘Cyber Security: Underpinning the Digital Economy’, which surveyed nearly 1,000 members, the Institute of Directors (IoD) revealed a worrying gap between awareness of the risks and business preparedness.
Whilst 9 in 10 (91%) business leaders said that cyber security was important, only around half (57%) had a formal strategy in place to protect themselves and just a fifth (20%) held insurance against an attack. Worryingly, official efforts to tackle cybercrime seem to be failing to get through to businesses, with nearly 7 in 10 (68%) IoD members never having heard of Action Fraud Aware, the UK’s national reporting centre for fraud and internet crime.
The growing threat of breaches will create a ‘cyber paradox’, the IoD said, meaning that although business will increasingly take place online, firms will no longer feel confident in the encryption methods they have in place to protect the transfer of sensitive data.
This Security Update Paper from IBM X-Force Research focuses on encryption standards relating to data in transit – providing:
- The high-level information needed to help make sense of the issues created by using outdated encryption standards
- Recommendations for building a strategy to adopt stronger encryption standards – helping to reduce security risks across the organisation.