Encryption is more popular than ever. It’s no secret that the technology has become ubiquitous in recent years, with millions of consumers using messaging apps to communicate securely on a daily basis. But, in the rush for consumer end-to-end encrypted communication, businesses have been left behind, often forced to rely on platforms that sacrifice security for a feature-rich suite of options.
Fortunately, the tide is well-and-truly changing. Wire gathered representatives from business, government and academia for a roundtable discussion to emphasise the importance of adopting encryption for businesses and organisations.
The panel looked at the role of the technology for nations, businesses and individuals to ask: “What is the future of encryption?”
Hosted by Wire COO/CTO and co-founder Alan Duric, industry experts and journalists discussed the relationship between encryption and data protection, challenges to adoption and how the technology could be used in the future.
The past few years have seen a boom in popularity for end-to-end encrypted communication (E2EE), which has now become a staple of consumer messaging services. Yet surprisingly, services with a similar level of security for businesses are lagging far behind. Now, as more companies are falling victim to increasingly sophisticated cyberattacks that exploit outdated communications systems, the need for secure business messaging services is more pressing than ever.
The panel, chaired by the Mobile Ecosystem Forum’s Andrew Bud, discussed the current role of encryption at the national, personal and commercial level, whilst looking ahead to its uncertain future. Also in attendance to discuss this vital issue with Wire were, David Rogers, CTO of the Ministry of Justice, Etienne Greeff, CTO and Founder of SecureData, and Dr. Martin Albrecht, Lecturer of Cybersecurity at Royal Holloway, University of London.
The use of encryption and cryptography can be traced to early written cyphers like the Caesar Cipher, through to its mechanisation with the typewriter sized Enigma Machines, to today’s technology that has not only grown more complex and automated, but also shrunk to fit comfortably into your pocket.
As the internet has grown, so the traditional encryption monopoly has waned, beginning with the spread of open-source encryption protocols like Pretty Good Privacy. Buoyed by the Snowden revelations, companies have gone further still, releasing dozens of encrypted consumer messaging platforms. As a result, secure communication tools — which were once under the control of governments and militaries — are now available to millions worldwide.
But for businesses, perhaps the most pressing reason for the adoption of E2EE is the EU’s looming General Data Protection Regulation (GDPR). Alarmingly, 28% of organisations believe that they don’t need to become compliant with the law. The trouble is that businesses do not see themselves being fined if they are not compliant, even though the risk is very much there.
Worse, lax security threatens to expose businesses and individuals to malware and viruses that pose a serious threat to livelihoods. Sectors like healthcare and financial services have already been exploited by high profile infiltrations like WannaCry, and if this form of data breach proliferates, private and public sector organisations alike will buckle under heavy revenue loss.
Communication — and attitudes towards communication — are a core element of data protection policy. Employee engagement in security is a key component of any data protection policy, and encryption plays a key part in that. Of course, there are those that believe communication is just a small piece of the data protection puzzle. And whilst this may be true, communication forms the nucleus of an organisation’s digital footprint, and should therefore be at the top of the security agenda.
Email is becoming redundant, at least as a means of secure communication. In fact, 30% of people will open emails containing malicious attachments. Clearly, these attacks are proliferating, which is unsurprising given the technology is half a century old.
The fact is that email is quickly becoming outmoded as a method of communicating with colleagues and associates. Secure messaging platforms, including those that use encryption, offer a service that isn’t essentially CC’ing cybercriminals or government entities, meaning that data is shielded from any party that may attempt to access it. It’s for this reason that companies should evaluate their current business model, how cybersecurity currently fits into it, and how they can more effectively to utilise E2EE technologies to communicate with greater flexibility and protection.
Ultimately, the panel agreed that encryption will become increasingly important, not just for our messaging and communication needs, but to underwrite the Internet of Things, connected devices and driverless cars of the future. Moreover, as businesses begin to adopt secure communications tools, so will their neighbours and rivals.
It’s like snowboarding. It was unpopular to wear a helmet twenty years ago, but after a few high-profile accidents, people started to reconsider. Now, you would never think of hitting the slopes without one.
The same is true with business security, encryption is the helmet — and your head is the data. As the number of stories of data breaches and hacked communications continues to grow, encryption continues its journey from optional extra to absolute necessity.
Is your business looking to upgrade the security of your internal communications? Try Wire’s end-to-end encrypted communication and collaboration platform for free for 30 days.