Preventing Database Breaches with Application-Layer Encryption

Data breaches are more prolific than ever, with 2021 seeing 5250 confirmed instances involving large companies such as Facebook, LinkedIn, and Ubiquiti. Such breaches are not only a privacy concern, but are also very costly to the involved organization, incurring a loss of $4.24 million on average. The good news, however, is that in breaches where strong Zero Trust principles were employed this cost decreased by $1.76 million. In this talk we show how Application-Layer Encryption (ALE) can be applied at the database level to provide strong protections against breaches. While traditional at rest database encryption helps protect your data in case of a direct breach, database ALE can ensure cryptographically that even authorized applications have minimal access. This means, that even if your data producing application contains a vulnerability, compromising this application won't give the attacker access to your data. Through the use of modern cryptographic techniques, database ALE can even be implemented without fully sacrificing useful capabilities of the database, such as search. About our presenter: Philip has a background in mathematical engineering but has always had a strong interest in computer science, a combination which eventually resulted in a PhD in symmetric cryptography. Today he has the technical responsibility for the development of CYBERCRYPT's Encryptonize product.