Over the past two decades, there has been a significant increase in global data usage across verticals. Corresponding with this growth is the advancement of data-hungry artificial intelligence and machine learning capabilities, as well as data protection technologies that allow these business-enabling tools to safely and securely leverage data. For many organisations, data is now […]
Over the past two decades, there has been a significant increase in global data usage across verticals. Corresponding with this growth is the advancement of data-hungry artificial intelligence and machine learning capabilities, as well as data protection technologies that allow these business-enabling tools to safely and securely leverage data.
For many organisations, data is now recognised as one of their most valuable assets due to the crucial role it plays in competitive differentiation and business success. However, while data holds tremendous potential for advancing business outcomes, it also carries the potential to elevate risk.
Companies need to protect the usage of data and prevent sensitive information from being exposed, manipulated, stolen, or otherwise compromised. Homomorphic encryption (HE), a key pillar of Privacy Enhancing Technologies, is helping directly address these challenges.
Frequently hailed as the ‘holy grail’ of encryption, HE offers a unique ability to secure the usage of data by enabling operations such as searches and analytics to be performed in the encrypted (cipher) domain as though it were happening in an unencrypted (plaintext) world. This allows data to be used securely across boundaries and silos, completely changing the paradigm of how and where organisations can leverage data to unlock value.
HE is a pillar of the increasingly recognised category known as Privacy Enhancing Technologies (PETs), whose value has been highlighted by numerous global influencers, including the United Nations, Royal Society, CIPL, and the ICO. Among the technologies in the PETs family, HE stands out because it allows organisations to extract value from data while ensuring the highest levels of privacy and security.
Its potential to revolutionise data usage is transformative: businesses can extract value from data via searches, analytics, and AI/ML without decrypting the content of the operation or exposing their interests.
The state of data usage risks
Sectors such as healthcare, financial services, and the public sector are often considered high risk due to the sensitive nature of the information they handle. Any loss or exposure of this data can have severe consequences, leading to misuse in the form of fraud, identity theft, and other malicious activities.
Additionally, reputation is paramount in these sectors, and the loss of trust associated with such events can damage the organisation’s brand and cause declines in customer loyalty and overall business profitability.
Data privacy and security challenges are further amplified by regulatory compliance and third-party dependencies. The frequent changes to the heterogeneous regulatory landscape underscore the urgent need for comprehensive and resilient data protection strategies, especially among these compliance-dependent sectors.
Balancing the need for collaboration and data-driven insights while prioritising privacy and security is a challenge. HE-powered solutions can serve as an organisation’s secret weapon by empowering data usage while still addressing these concerns.
Putting homomorphic encryption to work
To better understand the power of homomorphic encryption and its current and potential applications, it is helpful to consider its origins and advancements. HE has been the focus of academic and corporate research for decades. While the technology’s potential was evident from the beginning, performance challenges made the path to broad-scale use a decades-long pursuit.
Initially, HE computations could take hours or even days to process, rendering it impractical for enterprise applications. However, continuous breakthroughs during the past ten years have rewritten this narrative, enabling HE to be leveraged for a wide range of business use cases. HE has evolved from academic darling to being adopted by some of the most influential brands in the world, including Apple.
Beyond the evolution of the technology itself, market drivers such as regulatory and policy advances, along with the proliferation of global data sources and silos, have amplified the importance of secure and private data usage. Organisations today need the ability to extract value from data sources across boundaries without compromising security or increasing risk. This requirement has fuelled interest in and exposure to the broader PETs family because of the technologies’ unique ability to preserve, enable, and enhance the privacy and security of data throughout its lifecycle.
The rise of PETs
The value proposition of PETs is tied to protecting data while it is being used or processed, a state often referred to as Data in Use. While encryption is widely employed to secure data at rest and in transit, a critical gap in protection remains when it comes to data utilisation. PETs address this vulnerability by allowing data to be leveraged in a manner that safeguards the user’s interests. Along with HE, secure multiparty computation (SMPC) and trusted execution environments (TEE) are recognisable pillars of the PETs category.
Each technology is unique in its ability to offer a viable solution to the data sharing challenge by enabling entities to extract value from sensitive data assets without compromising privacy or security. PETs are being used at scale today, playing an important role in business-enabling use cases relating to fraud detection, third-party data usage, and cross-silo collaboration. Given the fast pace of exploration and adoption, industry professionals would be well advised to familiarise themselves with the wide-reaching applicability of PETs.
In a regulatory and data-immersed climate, capabilities that enhance data security, preserve privacy, and promote collaboration for data-driven advancements are essential to core business functions. Regulated industries such as healthcare, financial services, and the public sector are embracing HE and other PETs out of necessity, and will continue to do so at an accelerating rate. Technology and security leaders need to recognise the business-enabling impact of these technologies and take proactive steps towards adoption to ensure a protected, data-enriched future.
