Matching Security to Data Threats – More is Not Better, but Less Can be Bad

Author(s)/Presenter(s):
Library Content Type:
Publish Date: 
Thursday, September 19, 2013
Event Name: 
Focus Areas:
Abstract: 

A chain is only as strong as its weakest link and adding more links doesn’t make it any stronger. The same is true for securing critical data with encryption – just adding more encryption doesn’t necessarily make critical data more secure. The challenges facing most organizations are twofold: 1) understanding which threats and vulnerabilities apply to them and their data, and 2) knowing when they have sufficient data encryption to protect them from the threats, but not so much that their costs and management resources are strained. It is additionally important to understand that not all threats can be addressed by data encryption and that some threats may have to be rationalized by an organization in terms of the cost of the remedial work.

Learning Objectives

As a result of participating in this session, attendees will be able to understand which threats can and should be addressed by data encryption and which threats need other solutions
As a result of participating in this session, attendees will be able to understand where and when multiple data encryption technologies are complementary, and where they are redundant
As a result of participating in this session, attendees will be able to understand how to justify the deployment of data encryption based on cost of deployment, management and the cost of failure to do so