IBM Z16
After a #databreach, will having pervasive encryption help a company get back to business?
Dominic Trott
(1/3) Poor key management may give malicious actors not only access to data, but also to encryption keys
Dominic Trott
(2/3) Loss of the keys means not only compromised data, but also genuine users may be locked out
Dominic Trott
(3/3) Pervasive encryption, including centralised key management, helps prevent this
Guillaume H⭕️areau
Sure, better protecting their data, is a like a quality insurance.
Adam Jollans
There's also the challenge of restoring trust in a company following a data breach - pervasive encryption can be part (but not all) of the solution here
Guillaume H⭕️areau
Moreover, #pervasiveEncryption and #GDPR – Controllers may not need to report breach to data subjet if the data was encrypted.
Guillaume H⭕️areau
@adamjollans Absolutly true, this is not the alpha and the omega, but part of the solution. It needs to be completed by others security measures
Dominic Trott
@GuillaumeIBM quite right - in fact reputational damage expected to be far more 'costly' than fines for non-compliance
Dominic Trott
@adamjollans this is why it is so important that boards are making decisions based on a proper understanding of the risk they face!
Adam Jollans
and it's the Board members who will get the blame if there's a signficant data breach