• BlackBerry survey finds 98% of government and infrastructure security leaders rely on foreign‑hosted consumer messaging apps
• 83% use WhatsApp for sensitive discussions, despite critical gaps in encryption literacy
• Report warns encryption doesn’t protect metadata, impersonation, or compromised devices; highlights urgent need for sovereign, trusted communications infrastructure

Government and infrastructure workers fundamentally misunderstand the security of the communications apps they use, placing their organizations, the data, and the information flowing through, at great risk. This is according to The State of Secure Communications 2026, a survey conducted by BlackBerry Secure Communications.

Surveying 700 security decision-makers across government and critical infrastructure in the US, UK, Canada, and Singapore, the researchers found that virtually everyone (98%) relies on foreign-hosted platforms that were not built for confidential communications or high-security environments.

In fact, more than eight in ten (83%) are using WhatsApp for sensitive discussions inside their organizations.

Article continues below

Misconceptions about encryption

To make matters worse, almost all (88%) security leaders are confident their current messaging setup is secure. This confidence, as BlackBerry discovered, is based on a “fundamental misread” of what these platforms actually protect.

“The report reveals critical gaps in encryption literacy among the very leaders responsible for safeguarding communications,” it said.

With that in mind, the report says that more than half (52%) believe encryption protects metadata such as location data, IP addresses, and communication patterns. Just below half (47%) believe encryption prevents impersonation, deepfake, or spoofing attacks, and 41% assume communications remain secure even after a device has been compromised.

“Consumer messaging apps were never designed to handle sensitive communications, protect confidentiality, or meet the demands of high-security environments,” explained Christine Gadsby, Chief Security Advisor, BlackBerry Secure Communications.

“They rely on phone numbers, not verified identities – and encryption protects the channel, not who is on it. That gap is already being exploited, as recent intelligence warnings show, and governments and critical infrastructure organizations are responding by moving toward communications infrastructure they own and trust.”

Ownership and control of the infrastructure behind sensitive communications is emerging as a “critical blind spot”, Blackberry said, stressing that it “exposes gaps” in data sovereignty. Still, more than half (55%) of the respondents said they prioritize sovereign control.

The best antivirus for all budgets

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.