Encryption
Data encryption is crucial in protecting the confidentiality of company information. However, recent advances in artificial intelligence can be used to crack encryption that is considered future-proof.
According to the ISO 27001 standard, it matters which encryption we use: "Rules for the effective use of cryptography, including cryptographic key management, shall be defined and implemented." (A8.24)
If we take a closer look at the requirement, it is clear that the security measures (regulations or technical protection) must cover
- the complete key management process and
- cryptography usage (where, what, how).
Like any other control, this requirement is not specific: the user of the standard must choose an encryption method and key length proportionate to the risk. Secrets that remain valuable over the long term should be given stronger protection than is currently necessary, because as technology develops, today's encryption can become decryptable.
Since attacks focus on the weakest link, it is worth encrypting the entire data transmission channel (end-to-end cryptography), and even critical stored data. Encryption not only protects the confidentiality of information, but also its integrity.
01/07/2024