It has been known for a long time, but it is obviously worth repeating: encryption protects data.

Thanks in large part to the Hannaford Brothers breach, which potentially compromised more than four million credit and debit card numbers, 2008 looks likely to be yet another record-breaking year for data breaches. In fact, according to the Identity Theft Resource Center, the first three months of this year show that 2008 is on track to double the number of breaches recorded in 2007.

So, while law enforcement organizations, security analysts, the media and consumers try to figure out exactly what happened at Hannaford, the truth of the matter is that we already know how to prevent it from happening again: implement end-to-end encryption of data.

It will take months to sort out exactly what happened at Hannaford, but it doesn't really matter how the data was stolen, nor does it really matter whether the organization (as reported) was truly compliant with the Payment Card Industry Data Security Standard (PCI DSS). What matters is that bad guys were and will continue to be at least one step ahead of network security, so the only surefire way to safeguard data is to encrypt it -- period.

It is worth noting that as a result of the data breach, Hannaford recently announced a large scale security initiative that goes beyond the safeguards within PCI. And, a large part of that initiative calls for greater use of encryption.

Encryption works to thwart criminals in two ways. First, if they know the data is encrypted, they will most likely go after an easier target. Second, if they do steal the encrypted data, it is unreadable and useless to them without the encryption key.

Encryption is the new black

While security hasn't always been trendy, apparently the industry is following the fashion industry culture by going retro. So what's making the age-old technology of encryption today's hottest security trend? In today's world, the protection of sensitive data is one of the most critical concerns for organizations and their customers. This, coupled with growing regulatory pressures, is forcing businesses to protect the integrity, privacy and security of critical information. As a result, encryption and cryptography are emerging as the foundation for enterprise data security and compliance, and quickly becoming the foundation of IT security best practices. Cryptography, once seen as a specialized, esoteric discipline of information security reserved primarily for military and financial industries, is finally coming of age, because, encryption protects data. Period.