If the data on a device (e.g. a phone) is encrypted, then the encryption key is needed to decrypt the data as you use the device. How is this key stored or what is the security policy so that it is safe from being stolen by malware?
Devices typically contain enough storage that needs protection to warrant the use of a symmetric key algorithm. Public key crypto is way too slow for large amounts of data. If it's e.g. a harddisk, even a block chaining of the encryption is quite counterproductive.
However, to protect that symmetric key a number of techniques can be used. But while the key is used it is going to be stored in memory on the device.
Most used are ways to store the symmetric key in a way that it is protected by a password, pin code or so.
In it simplest form, it's actually not that hard: let's say you have a 256bit symmetric key that needs protection all you need is a cryptographic hash of a password that generates the same 256bit result (or longer) and store XORed result. Without the password, you can't calculate the hash and can't access the symmetric encryption key.
Still, if you seek protection from malware that might be actively monitoring the device while the encryption key is used, you're essentially out of luck unless you have hardware doing the encryption as the software encryption will have to have the key in memory while it is encrypting or decrypting. And malware could access memory. Also note that wiping the symmetric key without accessing it (in it's protective storage) essentially will make the entire disk wiped unless there's a backup. So while Confidentiality and Integrity are threatened by malware, Availability is even more.