Should the U.S. government be able to force tech companies to share encrypted data?
In what is likely to be a matter of ongoing debate, 66 percent of surveyed IT security professionals said governments should not be able to force tech companies to allow them access to encrypted user data, while 34 percent said they should.
That’s according to a survey security vendor Venafi conducted including some 500 crypto experts at this year’s Black Hat conference in Las Vegas.
WHY IT MATTERS
The majority of the participants came down in favor of personal privacy over any federal investigatory needs.
When it comes to understanding cyber risks, the cyber experts said 63 percent of government officials don’t understand how vulnerable digital infrastructure is to attack, while 37 percent said they do.
The issue of tech vendors keeping user data private from the government came to the fore in the wake of the San Bernardino shooting. The Federal Bureau of Investigation pursued Apple via the Department of Justice to try and force the company to unlock one of the shooter’s phones. When Apple refused, the FBI then managed to break into the iPhone without Apple’s help — thereby calling attention to the fact that encrypted data is not necessarily as safe as it once seemed.
THE BIGGER TREND
Venafi’s survey tackled the highly controversial issue of forcing tech companies to include encryption backdoors to allow law enforcement access to devices: 65 percent said if governments were to mandate encryption backdoors, security would be worse; 19 percent said security would be about the same and 16 percent said it would be better.
While healthcare organizations are better understanding and investing in cybersecurity needs, hackers are keeping pace -- and then some, according to a panel of CISOs at the HIMSS Security Forum in Boston this October last month.
At the forum, several infosec leaders rated the healthcare industry's security posture as just about average. Some say this false sense of security is based on an impression that innovation in the cloud can and will keep data secure.
ON THE RECORD
“Over the last several months, we’ve seen government officials from across the globe propose dangerous surveillance laws and protocols,” said Jeff Hudson, CEO of Venafi. “For example, the Five Eyes international alliance has been consistently pushing for mandated encryption backdoors into private technology devices. They don’t seem to realize that the same encryption technology that creates barriers for law enforcement is also used to protect all types of classified intelligence and other highly sensitive government data. A backdoor sounds great until a malicious actor gets the key, which they always do.”