The data security environment is a very fluid one. It is a continual race between the baddies developing new threats and the goodies developing countermeasures. Occasionally the goodies move a step ahead with a new type of defence, but you can bet that it will be quickly analysed and defeated by the baddies. As one industry guru once said, “The only perfect defence is the one that hasn’t been broken yet”.
Having said that, here are five predictions for trends in Data Security in 2018.
One of the biggest technology shifts in recent times has been the uptake in Cloud Computing. Handing over your most prized asset, your company data, to a Managed Services supplier can be an act of faith. Faith is sometimes not rewarded.
There will be strategic moves in 2018 from the major suppliers to bring new tools and techniques that address these new threats and provide more effective and efficient data security.
Compliance and Regulation, Taxation, Finance and Personal Data.
As sure as eggs are small apples, 2018 will see a raft of new legislation aimed at controlling online financial systems and management of online personal information.
Firstly, the current political obsession with eliminating tax havens will see calls for stricter controls on corporate and individual financial data and movement of money. That in turn will bring in its wake the need for more transactional information and increased data security as funds are transferred.
A second area is that of Blockchain, cryptocurrencies and their impregnable data security. The whole blockchain concept is being publicly ridiculed as an aberration that will go away as quickly as it arose, as are cryptocurrencies. However, quietly in the background the World Economic Forum and many of the major international financial institutions are assessing their real impact and making plans as to how the concepts can be absorbed into the existing financial landscape. Expect major announcements in 2018 from big hitters in the Government and Professional Services industries.
Both the USA and European Union have legislation planned for implementation in 2018 around the storage and management of personal information. The USA has modified existing NIST regulations and the EU is introducing GDPR (General Data Protection Regulations). Both are aimed at, among other things clarifying the duties and responsibilities of Managed Service Providers and their clients in the data security requirements of personal data.
User Authentication and the Passing Away of Passwords
It is becoming increasingly apparent, if it ever needed demonstrating, that password controls alone as authentication are stunningly ineffective. The emergence of new authentication standards, based on multi‑level authentication has eased the problem somewhat, but there are still concerns over their effectiveness and the ease with which they can be circumvented. ID theft and SIM card Swapping are two common methods to bypass multi-level authentication.
Biometric control, particularly fingerprint recognition is becoming more common on new smart devices, but individuals are not using them to any great extent.
We can expect a continuing focus on authentication, particularly in online financial services, both from a data security standpoint and as suppliers seek to differentiate their offerings from others.
Security Systems Code – Open or Proprietary
There has been an ongoing debate in data security circles about whether open source collective commons code or proprietary sealed code is better in the cyber security arena.
Proponents of open code claim that having the programming code in the public domain encourages further debate and development without compromising the need to have secure implementation of the code in commercial or freeware applications.
The other side of the debate argue that if secure systems are to be effective that, while conforming to defined standards, the algorithms used in the process, and the process itself must be secret.
This argument will rage on in 2018.
Artificial Intelligence – the next big happening trend?
AI has been quietly creeping up. Improvements in data mining technologies, data analysis, computer directed decision making systems have all been driving improvements in AI recently.
The biggest and quietest advance has been the use of AI in software robots to carry out simple administrative tasks like invoice processing, replacing human operators. It has been described as the Fourth Industrial Revolution. It is raising worried eyebrows in Governmental and Labour circles because of potential massive job losses. As always, data security concerns will be included in the development and roll-out of AI.
The five trends here might not be the ones you would have chosen, but one thing we can be sure of is that 2018 will be full of surprises.