Breach prevention is dead. Long live the 'secure breach'

29.10.2012

Encryption is an ROI killer for any would-be attacker. By attaching the protection to the data, you're killing the value of the data once a breach has taken place, and you've made the breach largely benign since no data has truly been compromised.

Zappos, the online shoe and clothing retailer, is a perfect example of how this secure-breach approach can be a game changer in the fight against data compromise. Zappos and gain access to data such as customer names, email addresses and shipping information, but due to encryption that scrambled passwords and credit card numbers, the attackers got virtually nothing of value from the theft.

Ironically, publicity around this secure breach could very well make Zappos more secure moving forward, since potential attackers will know the company represents a poor investment of their time and effort.

* Action: Encryption is the key enabling technology for implementing a secure breach strategy. Encrypting data is tantamount to killing the data the moment it falls into the wrong hands. But encryption on a massive scale is not simple -- particularly in the area of . And it can go very, very wrong if not done correctly.

In fact, bad encryption can be more dangerous than the theft of unencrypted data, because it can prevent enterprises from accessing their own data when they need it. The key is to encrypt, but verify that you have control of the keys and can maintain that control as key management requirements scale. Many enterprises today are doing this by adopting best-in-class key management technologies and processes, and in doing so they are able to use encryption efficiently on a massive scale.