Last Updated on March 24, 2026 by Arnav Sharma
There’s a line I keep hearing in security reviews: “We encrypt the database. We’re covered.”
A few years ago, that answer was acceptable. Today it’s a liability. The threat landscape has shifted enough that basic encryption posture, TDE at rest plus TLS in transit, is table stakes, not a strategy. The real risk lives somewhere else now: in what happens to your data while it’s actually being used.
This blog covers where database encryption is heading in 2026 and beyond. Not as a vendor pitch, but as an honest look at the forces reshaping how organizations protect their most sensitive assets. Market forces, new cryptographic primitives, regulatory pressure, and the AI wildcard are all converging at once.
The Market Is Sending a Clear Signal
The database encryption market was valued at roughly $2.88 billion in 2025. Projections point toward $21 billion by 2035, at a compound annual growth rate of around 22%. The cloud encryption segment, where most database workloads now live, is moving even faster at 30% CAGR by some estimates.
That kind of growth doesn’t happen without pressure. Organizations are investing because they have to, not just because they want to.
Three forces are consistently driving demand across every report and analyst briefing:
- Regulatory proliferation. GDPR fines have exceeded €5.65 billion since 2018, with 2025 alone accounting for €2.3 billion, a 38% year-over-year jump. New regulations are layering on top of existing ones at a pace that is genuinely difficult to track. In a single month in May 2025, at least 264 regulatory changes in privacy were recorded globally.
- Cloud sprawl. 67% of organizations now store more than 60% of their data in the cloud. Sensitive cloud data encryption has climbed from 46% in 2021 to 68% in 2025. The perimeter is gone; encryption is filling the gap.
- Breach economics. IBM’s 2025 Cost of a Data Breach report puts the global average at $4.44 million per incident. The U.S. average is $10.22 million, up 9% year-over-year. Breaches involving unencrypted data cost 29% more. The math is straightforward.
The Old Narrative Is Collapsing
For roughly a decade, the standard answer to “how do you protect your data?” was some version of: encrypt at rest, encrypt in transit, done. That model worked reasonably well when data lived mostly in structured databases, moved predictably between known systems, and processing happened inside a controlled perimeter.
That world is gone.
Today, data is dynamic. It flows through cloud pipelines, gets pulled into AI models, sits in vector stores, passes through multi-party analytics workflows, and gets queried by applications running on infrastructure you don’t own or fully control. At-rest encryption protects your storage layer. It does nothing for the data when it’s actually being processed.
Here’s the uncomfortable reality: most breaches don’t happen because someone cracked AES-256. They happen at the application layer, the identity layer, or during processing, where data is temporarily in plaintext. A compromised DBA account, a misconfigured cloud service, or a stolen session token can expose millions of records from a database that was technically “encrypted the whole time.”
Four Technologies Reshaping Database Encryption
Homomorphic Encryption: Compute on Ciphertext
This one has been in the research labs for years. In 2025, it started moving into production.
Homomorphic Encryption (HE) lets you perform computations directly on encrypted data. The result, when decrypted, is identical to what you’d get if you’d run the same computation on plaintext. The database never sees unencrypted data. Neither does the cloud provider running the query.
Think of it like a locked ballot box. Voters put their votes in through a slot; you can count the ballots without ever opening the box or seeing individual votes.
There are three maturity levels worth understanding:
- Partially Homomorphic Encryption (PHE): Supports one operation type (addition or multiplication) unlimited times.
- Somewhat Homomorphic Encryption (SHE): Supports both operations, but only a limited number of times before noise accumulates.
- Fully Homomorphic Encryption (FHE): Evaluates arbitrary functions on ciphertext with periodic “bootstrapping” to reset noise. This is the gold standard.
Recent architecture research has demonstrated sub-second P95 latency for circuits of depth six to eight under 128-bit security. That’s the performance threshold that unlocks real production use cases. Early wins are showing up in fintech (privacy-preserving fraud detection on encrypted financial streams), healthcare (cross-institutional analytics without sharing raw patient records), and private database lookups where the query itself never gets exposed.
The main tooling right now: Microsoft SEAL, IBM HElib, PALISADE, and TFHE. GPU and FPGA acceleration is beginning to make FHE workloads economically viable at scale.
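To make the PHE tier above concrete, here is an added example that is not code from this article and not taken from SEAL, HElib, PALISADE or TFHE: a minimal Paillier implementation in plain Python. Paillier is the standard additively homomorphic scheme, so it sits at the first maturity level: an untrusted party can sum ciphertexts (and multiply a ciphertext by a plaintext constant) without the key, but it cannot multiply two ciphertexts, and there is no noise to bootstrap away. The salary figures and the key size in the demo are constructed for illustration.

```python
"""Toy Paillier (additively homomorphic, i.e. PHE): stdlib only, for illustration."""
import secrets
from math import gcd, lcm


def is_probable_prime(n: int, rounds: int = 40) -> bool:
    """Miller-Rabin primality test (probabilistic; error probability < 4**-rounds)."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def random_prime(bits: int) -> int:
    """Random prime with the top bit set so n = p*q has the requested size."""
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand


def keygen(bits: int = 1024):
    """Return (public_key, private_key). Choosing g = n + 1 keeps decryption simple."""
    p = random_prime(bits // 2)
    q = random_prime(bits // 2)
    while p == q or gcd(p * q, (p - 1) * (q - 1)) != 1:
        q = random_prime(bits // 2)
    n = p * q
    lam = lcm(p - 1, q - 1)
    mu = pow(lam, -1, n)  # valid because L(g**lam mod n**2) == lam mod n when g = n + 1
    return (n, n + 1), (n, lam, mu)


def encrypt(pub, m: int) -> int:
    """Enc(m) = g**m * r**n mod n**2 with fresh r; plaintexts must be < n."""
    n, g = pub
    n2 = n * n
    r = secrets.randbelow(n - 1) + 1
    while gcd(r, n) != 1:
        r = secrets.randbelow(n - 1) + 1
    return (pow(g, m % n, n2) * pow(r, n, n2)) % n2


def decrypt(priv, c: int) -> int:
    """m = L(c**lam mod n**2) * mu mod n, where L(u) = (u - 1) / n."""
    n, lam, mu = priv
    n2 = n * n
    l_value = (pow(c, lam, n2) - 1) // n
    return (l_value * mu) % n


def add_ciphertexts(pub, c1: int, c2: int) -> int:
    """Enc(a) * Enc(b) mod n**2 == Enc(a + b): the aggregator never sees a or b."""
    return (c1 * c2) % (pub[0] ** 2)


def scale_ciphertext(pub, c: int, k: int) -> int:
    """Enc(a)**k mod n**2 == Enc(k * a): multiplication by a *plaintext* constant only."""
    return pow(c, k, pub[0] ** 2)


def encrypted_sum(pub, priv, values):
    """Client encrypts, an untrusted party sums ciphertexts, client decrypts the total."""
    total_ct = encrypt(pub, values[0])
    for v in values[1:]:
        total_ct = add_ciphertexts(pub, total_ct, encrypt(pub, v))
    return decrypt(priv, total_ct)


if __name__ == "__main__":
    pub, priv = keygen(1024)
    salaries = [91_000, 104_500, 78_250]  # constructed sample data
    print("sum computed over ciphertexts:", encrypted_sum(pub, priv, salaries))
```

The point to notice is which side holds what: only `pub` ever reaches the party doing `add_ciphertexts`, so a compromised aggregator (or cloud tenant) learns nothing beyond ciphertext sizes, and the result is exact rather than approximate. Production schemes such as BGV, CKKS or TFHE add the multiplication gate and the noise management that make the SHE and FHE tiers possible, at the cost of the latency budget the article quotes.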
Confidential Computing: Hardware-Enforced Enclaves
If FHE is the elegant cryptographic solution, Confidential Computing is the pragmatic engineering one. For most production workloads today, it’s the more immediately deployable path.
Confidential Computing protects data in use by running computation inside a hardware-based Trusted Execution Environment (TEE). The enclave is isolated from the rest of the system, including the hypervisor and the cloud provider’s own infrastructure. Data is only decrypted inside the enclave, and nothing outside can observe what’s happening in there.
Every major CPU vendor now has a TEE offering: Intel TDX and SGX, AMD SEV-SNP, ARM CCA, IBM Secure Execution. Cloud equivalents include AWS Nitro Enclaves, Azure Confidential VMs, and Google Confidential Computing. IDC’s 2025 data shows 75% of organizations are already using or piloting confidential computing, with 18% in full production.
The 2025 development that matters most for database teams: Nvidia integrated confidential computing into its H100 GPU, extending the trust boundary from CPU to GPU with encrypted I/O paths between them. That’s significant because AI inference workloads, the ones most likely pulling sensitive database content into models, now have a hardware-enforced protection layer.
A practical example: Microsoft Always Encrypted with Secure Enclaves in SQL Server 2019 and Azure SQL now supports richer query operations like JOINs and GROUP BY without ever exposing keys or plaintext to the database engine or administrators. That’s a meaningful architectural shift for teams handling regulated data.
FHE and Confidential Computing are complementary, not competing. Running FHE computations inside a TEE adds code integrity protection to FHE and provides defense-in-depth to the enclave. The pragmatic deployment path for high-sensitivity workloads is hybrid: TEE plus HE together.
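The part of a confidential-computing deployment that database teams actually have to design is the key release: the enclave only gets the decryption key after it has proven, via an attestation report, that it is the code you reviewed, running on an up-to-date platform with debugging off. The following is an added example, not code from this article or from any vendor SDK, of a customer-held key broker enforcing that policy. Everything in it is constructed: the report layout is a made-up JSON shape rather than an SGX, TDX or SEV-SNP report, and the HMAC "signature" stands in for the vendor certificate chain a real verifier would walk.

```python
"""Attestation-gated key release (illustrative; report format and signature are stand-ins)."""
import hashlib
import hmac
import json
import secrets

# Constructed trust anchors. Real verifiers check the vendor's certificate chain; the shared
# stand-in key below plays that role so the example runs offline.
VENDOR_STANDIN_KEY = b"stand-in-for-vendor-attestation-signing-key"
ALLOWED_MEASUREMENTS = {
    # measurement hash -> the build you reviewed and approved (values are constructed)
    hashlib.sha256(b"db-proxy-enclave-v1.4").hexdigest(): "db-proxy-enclave v1.4",
}
MIN_TCB_VERSION = 7  # minimum platform firmware/microcode level you accept


def sign_report(report: dict) -> tuple[bytes, str]:
    """Simulated enclave/vendor side: serialise the report and sign it."""
    body = json.dumps(report, sort_keys=True).encode()
    return body, hmac.new(VENDOR_STANDIN_KEY, body, hashlib.sha256).hexdigest()


def signature_ok(body: bytes, signature: str) -> bool:
    expected = hmac.new(VENDOR_STANDIN_KEY, body, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, signature)


def policy_failures(report: dict, issued_nonces: set) -> list[str]:
    """Return every policy violation in an authenticated report (empty == release allowed)."""
    failures = []
    if report.get("nonce") not in issued_nonces:
        failures.append("freshness: nonce not issued by this broker (stale or replayed report)")
    if report.get("debug", True):  # missing flag is treated as debug-enabled, i.e. fail closed
        failures.append("debug: enclave built with debug enabled, its memory is inspectable")
    if report.get("measurement") not in ALLOWED_MEASUREMENTS:
        failures.append("measurement: code identity not on the allowlist")
    if int(report.get("tcb_version", 0)) < MIN_TCB_VERSION:
        failures.append("tcb: platform below minimum version")
    return failures


class KeyBroker:
    """Customer-held component: owns the DEK and releases it only to an attested enclave."""

    def __init__(self):
        self._dek = secrets.token_bytes(32)  # the key the cloud provider must never see
        self._issued_nonces = set()
        self.audit = []  # every decision is recorded for your SIEM

    def challenge(self) -> str:
        """Hand the enclave a nonce to embed in its report so old reports cannot be replayed."""
        nonce = secrets.token_hex(16)
        self._issued_nonces.add(nonce)
        return nonce

    def release_key(self, body: bytes, signature: str):
        if not signature_ok(body, signature):
            failures = ["signature: report not signed by the trusted attestation key"]
        else:
            report = json.loads(body)
            failures = policy_failures(report, self._issued_nonces)
            self._issued_nonces.discard(report.get("nonce"))  # single use, pass or fail
        self.audit.append({"allowed": not failures, "failures": failures})
        return None if failures else self._dek


if __name__ == "__main__":
    broker = KeyBroker()
    good = {"measurement": next(iter(ALLOWED_MEASUREMENTS)), "debug": False,
            "tcb_version": 9, "nonce": broker.challenge()}
    body, sig = sign_report(good)
    print("release:", broker.release_key(body, sig) is not None)   # True
    print("replay :", broker.release_key(body, sig) is not None)   # False, nonce consumed
```

Two design choices carry over to real deployments regardless of vendor: an unauthenticated report is rejected before any field is read, so a forged report cannot even burn a nonce, and the policy fails closed on missing fields rather than assuming a safe default.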
Post-Quantum Cryptography: The Migration Has Already Started
This is no longer a “someday” conversation. It’s active compliance work right now.
In August 2024, NIST released its principal post-quantum cryptography standards as FIPS: ML-KEM for key establishment, ML-DSA for digital signatures, and SLH-DSA as a hash-based signature alternative. On March 11, 2025, HQC was selected as a code-based KEM backup to ML-KEM following the fourth round of NIST’s standardization process.
NIST’s transition roadmap is clear: phase out RSA and ECC by 2030, cease their use entirely by 2035. That deadline sounds comfortable until you account for how long cryptographic migrations actually take across large enterprise environments.
The threat driving urgency is “harvest now, decrypt later.” Adversaries don’t need a cryptographically relevant quantum computer today. They need patience. Encrypted data harvested now can sit in storage for years until the computational capability catches up. For data with a long sensitivity lifespan, anything from financial records to health data to national security material, the risk is already present.
57-60% of organizations report they’re prototyping or evaluating PQC algorithms in 2025. 45% are specifically focused on building crypto agility, the ability to swap algorithms across systems without full re-platforming.
One clarification worth making: for symmetric encryption, the quantum threat is less severe. Grover’s algorithm provides only a quadratic speedup against key searches, which means doubling key sizes to AES-256 is sufficient to counter it. The real urgency is in replacing public-key algorithms: RSA, ECC, and Diffie-Hellman.
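The migration starts with a cryptographic inventory, and the part of it that is actual reasoning rather than list-making is combining "which algorithm" with "how long is this data sensitive". Here is an added example, not from the article, that triages constructed configuration lines using the two facts above: Shor breaks the public-key algorithms outright, Grover only halves symmetric strength, and data that stays sensitive past the 2035 disallow date is already exposed to harvest-now-decrypt-later if it is protected by RSA or ECC today. The regexes are heuristic matchers, the file names and retention periods are constructed, and the action strings are this example's wording.

```python
"""PQC inventory triage over constructed config lines (heuristic matchers, illustrative only)."""
import re
from dataclasses import dataclass

DEPRECATE_YEAR, DISALLOW_YEAR = 2030, 2035   # NIST roadmap dates quoted in the article

# (pattern, category, threat): "shor" = broken by a quantum computer, "grover" = weakened, "ok"
RULES = [
    (re.compile(r"\b(?:rsa(?:[-_]?\d{4})?|ecdsa|ecdhe?|dhe?|ed25519|x25519|secp\d+[rk]1|prime256v1)\b", re.I),
     "public-key", "shor"),
    (re.compile(r"\baes[-_ ]?128\b", re.I), "symmetric", "grover"),
    (re.compile(r"\baes[-_ ]?256\b", re.I), "symmetric", "ok"),
    (re.compile(r"\b(?:ml-kem(?:-\d+)?|ml-dsa(?:-\d+)?|slh-dsa|hqc)\b", re.I), "pqc", "ok"),
    (re.compile(r"\b(?:sha[-_]?(?:256|384|512)|hmac)\b", re.I), "hash", "ok"),
]


@dataclass
class Finding:
    source: str
    algorithm: str
    category: str
    threat: str
    hndl_exposed: bool   # harvest-now-decrypt-later exposure for this data's lifespan
    action: str


def recommend(threat: str, exposed: bool) -> str:
    if threat == "shor" and exposed:
        return (f"URGENT: sensitivity outlives the {DISALLOW_YEAR} disallow date; ciphertext captured "
                "today can be decrypted later, move to ML-KEM/ML-DSA (hybrid first)")
    if threat == "shor":
        return f"plan replacement before the {DEPRECATE_YEAR} deprecation; consider crypto-agile wrapping now"
    if threat == "grover":
        return "Grover gives only a quadratic speedup; prefer AES-256 for long-lived data"
    return "no action"


def triage(inventory, now_year: int = 2025) -> list[Finding]:
    """inventory: iterable of (source, line, data_sensitivity_lifespan_years)."""
    findings = []
    for source, line, lifespan_years in inventory:
        for rx, category, threat in RULES:
            for m in rx.finditer(line):
                alg = re.sub(r"[-_ ]", "", m.group(0)).upper()   # AES-256 / aes_256 -> AES256
                exposed = threat == "shor" and now_year + lifespan_years > DISALLOW_YEAR
                findings.append(Finding(source, alg, category, threat, exposed, recommend(threat, exposed)))
    return findings


def prioritised(findings: list[Finding]) -> list[Finding]:
    """HNDL-exposed first, then other Shor-vulnerable, then Grover, then fine."""
    order = {"shor": 0, "grover": 1, "ok": 2}
    return sorted(findings, key=lambda f: (not f.hndl_exposed, order[f.threat], f.source))


# Constructed sample inventory: (where it came from, the line, years the data stays sensitive)
SAMPLE_INVENTORY = [
    ("tls.conf", "ssl_ecdh_curve prime256v1; ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384;", 1),
    ("backup-policy.yaml", "envelope: rsa-2048 wrapping aes-128-gcm data keys, retention 15y", 15),
    ("archive-kms.json", '{"keyspec": "ML-KEM-768", "wrap": "AES-256"}', 25),
]

if __name__ == "__main__":
    for f in prioritised(triage(SAMPLE_INVENTORY)):
        flag = "HNDL" if f.hndl_exposed else "    "
        print(f"{flag} {f.source:20} {f.algorithm:12} {f.threat:6} {f.action}")
```

The TLS line and the backup line both use RSA, but only the backup is flagged as urgent: a TLS session key protects data for seconds, while a backup wrapping key protects fifteen years of records, which is exactly the lifespan argument in the paragraph above. The archive line, already on ML-KEM with AES-256, produces no action.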
Key Management: The Control That Actually Determines Everything
Here’s a truth that doesn’t get enough attention: encryption is only as strong as the key management behind it. You can implement AES-256 across every database in your environment; if key management is weak, you’ve built a vault with the combination written on the door.
The two models that matter for regulated environments:
- BYOK (Bring Your Own Key): You generate and own the encryption keys but upload them to the cloud provider’s KMS. You control key rotation and revocation, but the provider still has access to the key material during operations.
- HYOK (Hold Your Own Key): Keys stay entirely in your environment. The cloud provider processes encrypted data but never has access to the keys. Higher control, higher operational complexity, limited support from some cloud services.
For organizations handling data subject to strict sovereignty or confidentiality requirements, HYOK is the right trust model. Full disk encryption, TDE, or even BYOK-based column-level encryption don’t satisfy the fundamental requirement of “the cloud provider should never have our keys.”
The operational reality in 2025: 57% of organizations are managing five or more enterprise key managers across their environments. That sprawl creates compliance blind spots and operational risk. Centralized key management with HSM backing is now considered table stakes, with 75% adoption among enterprises according to recent surveys.
Emerging trend worth watching: AI-powered security analytics applied to key usage telemetry. Instead of a KMS being a passive vault, it becomes an active detection layer, flagging anomalous key access patterns, automating rotation based on risk signals, and integrating with SIEM for correlated threat detection.
Leading platforms in this space: AWS KMS, Azure Key Vault with Managed HSM, Google Cloud KMS and EKM, Thales CipherTrust, and HashiCorp Vault.
The Regulatory Pressure Isn’t Letting Up
Gartner forecasts that 75% of the world’s population will operate under modern privacy regulation. That’s not a future projection; it’s nearly current reality.
A few developments from the past 12 months that should be on every security architect’s radar:
- The EU AI Act becomes fully applicable August 2, 2026. It establishes risk-based obligations for high-impact AI systems, with fines reaching up to 7% of global annual turnover. AI systems processing sensitive personal data are squarely in scope.
- A U.S. Department of Justice data rule, effective April 2025, prohibits sharing sensitive data of American citizens with countries of concern. It requires mandatory compliance programs, due diligence, auditing, and ten-year recordkeeping for cross-border data flows.
- India’s DPDP Act has entered enforcement phase. China’s PIPL requires local storage. Saudi Arabia requires prior approval for cross-border transfers.
- Trump’s Executive Order 14306 from June 2025 maintains urgency around the post-quantum transition timeline tied to National Security Memorandum 10.
71% of organizations cite cross-border data transfer compliance as their top regulatory challenge in 2025. Data sovereignty is replacing borderless data flows as the default assumption, and that shift has direct architectural consequences for where keys are held and where encryption and decryption operations actually happen.
The AI Collision: New Attack Surface, New Blind Spots
This is where things get genuinely concerning for 2026.
AI systems are creating new exposure vectors that traditional database encryption doesn’t cover:
- Vector store exposure: Embeddings derived from sensitive records can leak PII even when the source database is fully encrypted. If your RAG pipeline generates embeddings from patient records or financial transactions, those embeddings are a secondary data asset that needs its own protection strategy. Most organizations don’t have one yet.
- Agentic AI access: AI agents operating in autonomous workflows are pulling sensitive data into prompts, passing it between services, and acting on it in ways that bypass traditional perimeter controls. The access patterns are harder to monitor and the blast radius of a compromised agent is potentially enormous.
- Shadow AI: 13% of organizations suffered AI-model or application breaches in 2025. 97% lacked proper AI access controls. Shadow AI usage is adding approximately $670,000 to average breach costs. The tooling to govern AI data access is still immature.
On the flip side, AI is also becoming a useful tool for encryption governance. Key usage anomaly detection, automated rotation policies, compliance reporting, and encryption workflow orchestration are all areas where AI-powered tooling is genuinely useful. Turning KMS from a passive vault into an active threat detection layer is a pattern worth building toward.
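The "KMS as an active detection layer" idea, raised here and in the key management section above, is concrete enough to show as code. The following is an added example, not from the article and not any vendor's product, that runs three rules over constructed KMS audit lines: a principal outside the key's learned baseline, a sliding-window burst of Decrypt calls (the shape of a bulk export), and any call against a key already scheduled for deletion. It then derives a risk-triggered rotation list from the alerts. The event field names, key identifiers, principals and thresholds are all constructed; map your real audit feed onto the same fields at ingestion.

```python
"""Anomaly rules over KMS audit telemetry, plus risk-triggered rotation (constructed data)."""
import json
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed key metadata and learned baseline of principals per key.
KEYS = {
    "key-cust-db":    {"state": "Enabled",         "last_rotated": "2025-03-01"},
    "key-old-backup": {"state": "PendingDeletion", "last_rotated": "2022-06-01"},
}
BASELINE_PRINCIPALS = {"key-cust-db": {"role/app-orders", "role/app-reports"}}


def constructed_events() -> list[str]:
    """JSON audit lines: normal traffic, then a burst from a principal never seen on this key."""
    t0 = datetime(2025, 8, 30, 9, 0, 0)

    def ev(ts, principal, key, op):
        return json.dumps({"ts": ts.isoformat(), "principal": principal, "key_id": key, "op": op})

    lines = [ev(t0 + timedelta(minutes=i), "role/app-orders", "key-cust-db", "Decrypt") for i in range(3)]
    lines += [ev(t0 + timedelta(minutes=10, seconds=2 * i), "user/contractor-temp", "key-cust-db", "Decrypt")
              for i in range(60)]
    lines.append(ev(t0 + timedelta(minutes=20), "role/app-reports", "key-old-backup", "Decrypt"))
    return lines


def detect(lines, keys=KEYS, baseline=BASELINE_PRINCIPALS,
           burst_threshold=50, window=timedelta(minutes=5)) -> list[dict]:
    alerts, seen_new, recent = [], set(), defaultdict(deque)
    for line in lines:
        e = json.loads(line)
        ts, principal, key, op = datetime.fromisoformat(e["ts"]), e["principal"], e["key_id"], e["op"]
        base = {"key_id": key, "principal": principal, "ts": e["ts"]}
        # Rule 1: a key on its way out should have no callers left; any call is worth a look.
        if keys.get(key, {}).get("state") == "PendingDeletion":
            alerts.append({**base, "rule": "pending-deletion-key-used"})
        if op != "Decrypt":
            continue
        # Rule 2: first Decrypt by a principal outside this key's baseline (once per pair).
        if baseline.get(key) and principal not in baseline[key] and (principal, key) not in seen_new:
            seen_new.add((principal, key))
            alerts.append({**base, "rule": "new-principal"})
        # Rule 3: sliding-window burst of Decrypts; fire once when the threshold is crossed.
        q = recent[(principal, key)]
        q.append(ts)
        while ts - q[0] > window:
            q.popleft()
        if len(q) == burst_threshold:
            alerts.append({**base, "rule": "decrypt-burst", "count": burst_threshold})
    return alerts


def rotation_candidates(alerts, keys=KEYS, now=datetime(2025, 9, 1),
                        max_age=timedelta(days=365)) -> dict:
    """Enabled keys to rotate: age-based as usual, plus any key implicated in an alert."""
    reasons = defaultdict(list)
    for key_id, meta in keys.items():
        if meta["state"] == "Enabled" and now - datetime.fromisoformat(meta["last_rotated"]) > max_age:
            reasons[key_id].append("rotation overdue")
    for a in alerts:
        if keys.get(a["key_id"], {}).get("state") == "Enabled" and "implicated in alert" not in reasons[a["key_id"]]:
            reasons[a["key_id"]].append("implicated in alert")
    return dict(reasons)


if __name__ == "__main__":
    found = detect(constructed_events())
    for a in found:
        print(a["ts"], a["rule"], a["key_id"], a["principal"])
    print("rotate:", rotation_candidates(found))
```

The burst rule fires exactly once per window crossing rather than on every subsequent call, which keeps the alert volume proportional to incidents rather than to the size of the export. Rotating a key that is implicated in an alert, even though its age-based schedule is not due, is the "rotation based on risk signals" pattern: it does not undo what a compromised principal already decrypted, but it stops the stolen access path from being reused against new data.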
FHE is the longer-term answer to the AI data exposure problem. Running ML inference directly on encrypted data, never decrypting in the cloud, is already working in production for specific use cases like fraud detection on encrypted financial streams and sentiment analysis on encrypted text. It won’t be universal in 2026, but the trajectory is clear.
The Bottom Line
The “encrypt at rest and in transit” mantra served its purpose. It’s not sufficient for 2026.
The perimeter is gone, AI has created new exposure vectors that traditional encryption doesn’t reach, quantum adversaries are harvesting data now for later decryption, and regulators are raising the bar globally. The organizations that will handle this well are the ones treating encryption as an architecture discipline rather than a compliance checkbox.
Three questions worth sitting with after reading this:
- Do you know where all your encryption keys live and who can access them?
- Are your AI pipelines and vector stores in scope for your data protection controls?
- Have you started your cryptographic inventory for the PQC migration?
If the answer to any of those is “no” or “not sure,” that’s where the work starts.
I help organisations secure their cloud infrastructure and stay ahead of evolving cyber threats. Microsoft MVP and Certified Trainer, author of Mastering Azure Security, and founder of arnav.au, a platform for practical Cloud, Cybersecurity, DevOps and AI content.