It seems like everyone has an opinion about encryption these days. Almost every day we see another official pronouncement or encryption backdoor suggestion. Recently Ray Ozzie, a prominent software engineer, announced a backdoor proposal that was meant to bridge the gap between security and privacy. However, Ozzie’s recommendations were met with much contention from members of the security industry.
But, Ozzie’s proposal is not a unique occurrence. Over the past twelve months, there have been countless comments and legislative suggestions from prominent officials that pave the way for mandated encryption backdoors. Ultimately, Ozzie’s proposal represents another chapter in a massive debate that has been brewing for years.
During last month’s RSA Conference, Venafi conducted a survey to examine how security professionals have been adapting to this evolving controversy. Over 500 security professionals participated, and we compared their answers to similar survey conducted at last year’s RSA conference.
According to the survey, 64% of respondents say their personal encryption usage has increased due to recent geopolitical changes. This represents a dramatic increase in encryption reliance since last year. For example, when asked the same question at RSA Conference 2017, just 45% of attendees answered similarly.
“We’re entering a world where machines process and conduct transactions autonomously,” said Kevin Bocek, vice president of security strategy and threat intelligence at Venafi. “As a result, it will be incredibly important to preserve privacy with the use of strong encryption. Despite the challenges this poses, it’s excellent news that more than half of these security professionals use encryption to protect their personal privacy.”
Venafi’s survey also found that security professionals are becoming more apprehensive about encryption backdoors. 84% of respondents say they are more concerned about them in 2018 than last year, compared with 73% who expressed similar concerns at RSA 2017.
Bocek concluded: "Research shows that concern over encryption backdoors is growing, especially as our adversaries become more sophisticated and better equipped to exploit weaknesses. We must secure the privacy of machines, including Docker containers, Kubernetes clusters and cloud instances – all of which can scale in milliseconds. These machines will represent a new challenge for the next generation of RSA Conference attendees.”
How are you responding to growing threats of mandated encryption backdoors?