Sponsored by the PGP Corporation, the study also focused on how recent data breaches might be influencing the use of encryption and how various state and federal security and privacy regulations might affect the adoption and implementation of encryption technologies. Other issues covered in thesurvey included: The functional area responsible for procuring and implementing encryption.
Common uses and reasons for using encryption.
The types of data elements most likely to be protected by encryption (such as Social Security numbers, credit cards and so forth). Respondents’ level of confidence respondents that encryption will safeguard personal and sensitive information.
Types of data encrypted: The most important types of data that should be encrypted for storage and/or transmission are: business confidential documents (57 percent), records containing intellectual property (56 percent), only sensitive customer information (56 percent), accounting and financial information (41 percent) and employee information (35 percent). Interesting to note that customer and consumer information scored a low 8 percent and 6 percent, respectively.
The top five types of personal information about a customer, consumer or employee that should be encrypted are health information (72 percent), sexual orientation (69 percent), Social Security number (67 percent), family members (66 percent) and work history (57 percent).
Encryption Increases Confidence in Security
The report found that information security and privacy professionals have the most confidence in their organization’s security program when it uses encryption as part of an enterprisewide implementation plan.
As shown, the highest confidence level (.82) is achieved for the group of respondents who report that their companies deploy encryption and have an enterprise implementation plan.
Freq Average Confidence Score* We have an overall encryption plan or strategy that is applied consistently across the entire enterprise.
The primary person most report to is the chief information officer (36 percent) followed by the chief technology officer (30 percent).
http://www.csoonline.com/read/020106/ponemon.html