"Caspar Bowden (lists)" <li...@casparbowden.net> wrote: > I downloaded Ponemon/Thales new survey of n=4275 IT managers (United > States, the United Kingdom, Germany, France, Australia, Japan, Brazil, > and Russia) a couple of days ago by registering here > <https://t.co/8rI2Z8vy1j>, but they appear to have now pulled the report. > > It is remarkable that one third IT managers not only think that it is > possible to compute with encrypted data, but that they are doing so already. > > Here's the relevant text (red is my emphasis) and screenshot with graphs > > [If they don't understand this, what else don't they understand about > their organization's security?] > > CB > > *Who controls the encryption keys*
I don't doubt that (at least) one third of the questioned "IT managers" don't understand their organisation's security, but without a definition of "control" I'd assume that "Ponemon/Thales" were merely asking who legally controls the encryption keys. Otherwise one would also have to mention the people who wrote the OS, the firmware, the application, people who provide software and hardware updates, cleaning personal, successful attackers etc., even when not looking at "cloud" environments. Fabian -- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.