Amid a rapidly evolving cybersecurity landscape, encryption has emerged as a critical component in protecting data, according to Apricorn's 2025 survey results. An impressive 94 per cent of IT decision makers reported integrating encryption more extensively within the past year.
As remote and hybrid work models gain traction, securing data on distributed and mobile devices becomes increasingly crucial. Approximately 26 per cent of organizations cited this as a major rationale for upping their encryption measures, an increase from previous years.
A striking revelation is the reduced use of encryption solely as a defense against ransomware. In 2025, only 10 per cent of IT leaders viewed this as its primary use, suggesting a shift towards more comprehensive data recovery strategies via protected backups.
However, there remains a significant gap in encryption knowledge. Some 11 per cent of respondents admitted uncertainty about which data sets required encryption, posing a challenge in crafting effective cybersecurity strategies for remote working.
The usage of encryption has become more widespread across various devices, with 64 per cent of organizations now encrypting all laptops and desktops, showcasing an increase from the previous year. Moreover, encryption of USB drives and portable hard drives has also peaked.
Looking to the future, businesses intend to further fortify mobile device encryption, despite a dip in past application rates. Removable media also remains a key area of focus, with many organizations planning to ramp up their encryption efforts.
Many have flagged the lack of encryption as a significant factor in security breaches, prompting organizations to adopt a proactive rather than reactive security stance. This shift is vital as BYOD policies, remote work, and hybrid environments become norm.
As encryption continues to permeate across device types and data handling processes, it serves as a foundation to mitigate risks associated with portable storage and endpoint data breaches. Businesses are now recognizing encryption as an essential, rather than optional, tool in maintaining business continuity.
