When it comes to technology adoption in the APAC region, Hong Kong has always been at the forefront. The same applies to their ardent attitude towards cybersecurity which was quite evident from their Cybersecurity Fortification Initiative 2.0 (CFI 2.0) that came into effect in January 2021. A new study by the Ponemon Institute highlighted that security and IT professionals in Hong Kong continue to outpace the global average when it comes to the adoption of enterprise-wide encryption, with a particular focus on cloud services, applications, and containers. The study additionally reports the cybersecurity challenges that organizations face today and the subsequent contributing factors of how and why organizations deploy encryption.
The Threats and Priorities
For the second consecutive year, 54% of respondents in Hong Kong said that they have adopted a consistently applied encryption plan/strategy. These numbers are well ahead of the global average, which stands at 50%. Also, for the second straight year, the people of Hong Kong believe that the biggest threat to the exposure of sensitive data was employee mistakes (47% vs. 53% globally) and system or process malfunction (36% vs. 31% globally), followed by hackers (33%).
The survey also revealed Hong Kong’s dependence on cloud technology as around 6 in 10 (59%) organizations reported transferring data to the cloud. This is up from 55% last year and is expected to surge an additional 24% in the next 12-24 months. Similarly, just over half of organizations said that they deploy encryption for the public cloud services (51% vs. 46% globally) which they use extensively. In doing so, the Bring Your Own Key (BYOK) management support has been cited as the fastest-growing feature of cloud encryption solutions (53%). Furthermore, nearly half (47%) of IT professionals in Hong Kong deploy encryption for containers, the highest rate worldwide, up from 40% last year and far above the global average of 32%.
Greater Adoption of Hardware Security Modules (HSMs)
The issues associated with key management are increasingly seen in the organizations in Hong Kong as two-thirds reported a high rate of overall pain associated with managing keys or certificates. This is up from 61% last year and higher than this year’s global average of 56%. Talking about the factors for driving it, the majority of the respondents suggested that there is “no clear ownership” (74% vs. 64% globally), with inadequate key management tools in second place (58% vs. 46% globally).
These results indicate the importance of HSMs to encryption or key management strategy. It is expected to increase from 63% to 79% over the next 12 months. Similarly, with the increased focus on cloud migration, organizations in Hong Kong prefer using HSMs that they own and operate (54% vs. 41% globally).
Michael Tai, Area Vice President of Greater China at Entrust, said, “Organizations in Hong Kong are increasing their use of the cloud and containers as IT and security professionals focus on the risks associated with employee mistakes and system or process malfunctions. As they strive to protect customer information and intellectual property and to comply with data privacy mandates, organizations on average now use more than eight different products that perform encryption. This brings new challenges associated with discovering where sensitive data resides, deploying encryption technology, and training users to use encryption appropriately.
Key management still causes a high level of pain, due to concerns about key ownership and inadequate key management tools. As they deploy encryption for databases, containers, and cloud applications, organizations in the region seek encryption solutions that offer scalability, tamper resistance with an HSM, but as cloud use increases, organizations prefer to own and manage the HSMs used to protect cloud applications.”