‘Data breach has huge implications for businesses’
The data that resides on a mobile phone is better protected than the data that resides in most corporate data centers.
Eighty percent of the data on mobile phones is encrypted, according to a 2017 Solitaire Interglobal Ltd. study, because it's easier to encrypt data on millions of identical devices. Encryption is often largely absent in corporate and cloud data centers because current solutions for data encryption in x86 environments can dramatically degrade performance (and user experiences), and can be too complex and expensive to manage.
A recent study found that extensive use of encryption is a top factor in reducing the business impact and cost of a data breach. To put that in context, the IBM X-Force Threat Intelligence Index reported that more than four billion records were leaked in 2016, which was a 556 percent increase from 2015.
Regulatory bodies are establishing standards in response to growing security concerns. These include:
• The European Union, for example, has established the General Data Protection Regulation (GDPR), that will increase data protection requirements for organizations doing business in Europe starting next year. GDPR will require organizations to report data breaches to the regulatory authority within 72 hours and face fines of up to four percent of annual worldwide revenues or 20 million Euro, unless the organization can demonstrate that data was encrypted and the keys were protected.
• At the U.S. Federal level, the Federal Financial Institutions Examination Council (FFIEC), which includes the five banking regulators, has provided guidance on the use of encryption in the financial services industry.
• Singapore and Hong Kong have published similar guidance regarding use of encryption.
• Recently, the New York State Department of Financial Services published requirements regarding encryption in the Cybersecurity Requirements for Financial Services Companies.
Three years ago, as it began the design process for the next generation of its iconic mainframe, our customers -- representing the banking, retail, insurance and healthcare industries -- asked if the massive scale of the world's biggest transaction engine could be extended at the same massive scale for data security. In the end, more than 150 companies had a say in the development of IBM Z.
The new system is