top of page
  • Deborah

According to the Canadian Centre for Cyber Security, ‘encryption encodes (or scrambles) information. Encryption protects the confidentiality of information by preventing unauthorized individuals from accessing it.’


The UK Information Commissioner’s Office (‘ICO’) also provides a simple and clear explanation of data encryption by defining it as ‘a mathematical function that encodes data in such a way that only authorized users can access it’.


It is the process of turning data into “ciphertext”, rendering it unreadable to users that do not detain the correct decryption key or password.


Depending on the type and risks of a processing activity, encryption is considered as a good process for data protection. It is indeed mentioned in regulations such as GDPR in the EU.

Encryption is an important part of cyber security, one of the many security controls that helps protect the confidentiality of data. One of the best practices recommended is to implement an encryption policy by, amongst others, evaluating the sensitivity of the information. Entities should also provide training in the use and importance of encryption to protect and store data in a secure manner.


Various international standards exist with regard to encryption. and entities should ensure that their encryption solution or technology meets the relevant standards.

Recent Posts

See All

Information, Communication Technology (ICT) systems, generally includes all hardware, software, applications and systems that combined enable people and organizations to communicate digitally. ICT enc

25 January 2023 - Comments requested on Financial Conduct Authority (FCA) proposed Sustainability Disclosure Requirements (SDR) and investment labels. 6 February 2023 - Comment period closes for the u

Last November, 2022 the Bank for International Settlements (BIS) and the International Organization of Securities Commissions (IOSCO) published their Level 3 assessment of cyber resilience on 37 Finan

bottom of page