SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
United Kingdom

Guides

#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware

Search

Digital padlock surrounded by circuitry and shield icons data encryption
#
Data Protection
#
Ransomware
#
Encryption

UK organisations ramp up encryption to tackle evolving threats

Tue, 15th Jul 2025
Author image
By Jed Nykolle Harme, Editor

A recent survey of IT security decision makers has found that 94% of organisations are increasing the adoption of encryption, though a lack of consistency in its application continues to present risks to sensitive information.

The research, conducted by Censuswide and commissioned by Apricorn, examined the current landscape of encryption policies and protocols across UK businesses. It also tracked employers' attitudes towards encryption amid changing working practices and cyber security threats.

Encryption on the rise

According to the survey, 59% of respondents reported an increase in their use of encryption, especially to safeguard data residing on devices that are lost or stolen. The rise in remote and hybrid working was noted as a key driver for heightened encryption efforts, cited by 26% of organisations compared to 20% the previous year.

Despite improvements, challenges remain around determining which datasets require encryption. Eleven per cent of those surveyed said that identifying the right data to encrypt was among the top issues while formulating cyber security plans for remote or mobile working environments.

Shifting focus on threats

The number of organisations utilising encryption primarily to defend against ransomware has fallen. Only 10% listed ransomware as a top reason for using encryption in 2025, down from 12% in 2024 and 17% in 2023. This points to a shift towards safeguarding recoverable backups, rather than just preventing initial breaches, as ransomware attacks become more sophisticated.

Defined strategies and hardware use

The survey found that 94% of organisations have put in place a defined strategy or policy for encrypting removable media, consistent with findings from the previous year. Thirty-four percent of respondents said their organisations only permit the use of hardware-encrypted, company-approved removable media.

This approach recognises the risks associated with lost or stolen media devices, particularly those vulnerable to physical compromise. Hardware encryption remains an important part of many organisations' efforts to mitigate unauthorised access.

Encryption is only as effective as its execution. While it's encouraging to see more organisations adopt a strategic approach, policies that sit on paper won't protect data. Until encryption becomes an embedded, standardised part of all data handling, especially at the endpoint, businesses will continue to face unnecessary risk.

This was the perspective shared by Jon Fielding, Managing Director, EMEA at Apricorn.

Endpoint and portable device adoption

The survey highlighted further progress in encrypting endpoints such as laptops and desktops. Sixty-four percent said they encrypt all laptops and desktops, up from 58% in 2024. Encryption of portable media has also increased, with 54% of respondents now encrypting all USB drives and 63% encrypting all portable hard drives - up from 54% in the prior year and 4% in 2023.

Many organisations also reported intentions to further expand encryption coverage. Thirty-eight per cent expect to apply encryption to mobile devices, although this represents a drop from 50% in 2024 to 43%. Focus on removable media remains strong, with 27% planning increased encryption on USB sticks and 25% on portable hard drives.

Organisations' intentions to increase encryption also extend to other devices, with 26% planning enhanced encryption for laptops and 24% for desktops. This approach indicates a movement away from reactive measures, towards more preventative strategies, in the face of persistent hybrid working and bring-your-own-device (BYOD) policies.

A lack of encryption continues to be a significant risk factor, with 24% of respondents naming it as the primary cause of data breaches at their organisations.

With sensitive data frequently moving across multiple environments, encrypting endpoints such as laptops and removable media is critical to reducing the risk of exposure. These year-on-year increases underscore that encryption is no longer confined to core systems and is being embedded throughout the data lifecycle to safeguard business continuity and customer trust. Encryption is no longer optional; it is fundamental. The challenge now is to make sure it's ubiquitous and automatic,

said Jon Fielding, reinforcing the importance of continual and widespread encryption practices.

The findings are based on a survey of 200 IT security decision makers from the UK, conducted in late May 2025 by Censuswide, which follows the Market Research Society code of conduct and ESOMAR principles.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Rubrik boosts AWS database security with DynamoDB, RDS tools
Fortinet named SASE leader by Gartner, eyes USD $28.5 billion market
Ransomware, AI & vendor risks drive billions in 2025 breaches
Mobile app breaches cost firms USD $7 million despite confidence
DevOps platforms see surge in outages & downtime in 2024 report

Top stories

Saviynt MCP Server launches on AWS Marketplace for AI tools
KnowBe4 named a top workplace for 2025 in cybersecurity sector
Golden dMSA flaw in Windows Server 2025 exposes Active Directory
Low trust in third-party vendors weakens UK digital resilience
F5 unveils AI Assistant to automate iRules & simplify app security