Many databases hold sensitive and confidential information that a company must protect. A successful attack on a database can lead to the loss of many millions of data records. The corresponding damages can be enormous. The European General Data Protection Regulation (GDPR) will massively change the way companies are allowed to collect and store personal data (e.g., from customers, employees, partners, and suppliers) by May 25, 2018.
The security features of current database products from Microsoft or Oracle allow encryption of the entire database through transparent database encryption (TDE) or individual database fields (DB-Encryption Proxy / MS Always Encrypted). Thus they protect against unauthorized access without requiring changes to existing applications. However, if the keys used for encryption are held together with the database data, the database is no longer sufficiently protected.
Encrypting your database and storing the keys centrally on CloudsHSM is the best way to protect your data. A stolen database and its data will not be accessible by the thieves because they would need to hold the encryption keys from the CloudsHSM.