Encryption in use moves into focus after IBM-SLA data breach

GSTechnologies plc

The IBM-SLA data breach shows a simple but important problem in enterprise cybersecurity: sensitive data can be exposed even when it is being used outside the main production system.

The breach involved unauthorised access to a dataset created for vendor development and testing. That dataset was meant to contain mock or anonymised data, but was later found to include real personal information, including names, NRIC numbers and past property addresses. Around 70,000 people were affected.

Businesses often copy data into testing, development, vendor and cloud environments. These environments are necessary for operations, but they can also create risk when real information is used in the wrong place. If that data is readable, a breach of a secondary environment can become a breach of personal information.

Most organisations already use standard cybersecurity tools to protect systems. These include access controls, firewalls, monitoring, authentication and encryption for stored data or data moving between systems. These controls are useful, but they do not fully protect data while it is being used. In many systems, sensitive information must be decrypted before an application, employee or process can work with it.

Once data is decrypted, anyone with the wrong level of access, or anyone who compromises the right system, may be able to see it.

Encryption in use is designed to close that gap. It keeps sensitive data encrypted by default and only reveals what is needed, when it is needed, and to an authorised user or process. System access should not automatically mean data access.

Vaultrex is built around that approach. Instead of relying only on protection around the database, application or cloud environment, it protects the data itself. Its model uses controlled, just-in-time decryption, so only the required data element is revealed for an approved task. Once that task is complete, the information is automatically re-encrypted.

GSTechnologies plc (LON:GST) is a global technology company listed on the Main Market of the London Stock Exchange under the ticker, GST. The group operates three core businesses across blockchain payments and financial services, forex, as well as cryptoasset exchange. The group has operations in the UK, Lithuania, Singapore, and Australia.

Share on:
Find more news, interviews, share price & company profile here for:

Latest Company News

Encryption in use moves into focus after IBM-SLA data breach

The IBM-SLA breach shows why protecting data while it is being used is becoming a key issue in enterprise cybersecurity.

GSTechnologies to invest US$1m in Singapore AI company Sodales AI

GSTechnologies has agreed a proposed US$1.0 million investment in Sodales AI, supporting its AI, fintech and blockchain strategy.

GSTechnologies secures US$10 million unsecured loan facility

GSTechnologies has entered into a US$10 million unsecured term loan facility with Clarivan Group Kommanditbolag to support working capital and growth plans.

Vaultrex targets a clear enterprise AI security problem

Vaultrex is designed to help enterprises use AI while keeping sensitive data encrypted, controlled and accessed only when required.

GSTechnologies provides update on Semnet proceedings

GSTechnologies reports that stay applications filed by the Semnet sellers and a former employee were dismissed by the Singapore Supreme Court, with costs awarded to Semnet. Further court dates are scheduled for 4 June and 9 June 2026.

Agentic AI governance becomes a board-level risk issue

Agentic AI can unlock enterprise automation, but governance will decide how safely and quickly companies can scale it.

Search