Virtualization Technology News and Information
Forcepoint 2018 Predictions: Privacy Fights Back

VMblog Predictions 2018

Industry executives and experts share their predictions for 2018.  Read them in this 10th annual series exclusive.

Contributed by Dr. Richard Ford, Chief Scientist at Forcepoint

Privacy Fights Back

In 2015, we predicted that users' perceptions of privacy would begin to change, as individuals struggled to understand how to live and thrive in a "post-privacy" society. The last two years have seen the steady erosion of the clean line between the personal and public sphere - even ISPs have the legal rights to sell customer data. Furthermore, continued geopolitical uncertainty and threats both foreign and domestic, have continued to highlight the perceived tension between individual rights and security for all. However to date, privacy has not put up much of a fight: that is set to change in 2018.

The stars are aligning to make 2018 the kick-off to what we're going to call "The Privacy Wars" - pitting technologists against the ordinary person on the street, and splitting opinion in the government, at work and at home.

Our prediction is based upon what we see as the perfect storm between the following four drivers: legal, technological, societal and political. The confluence of these factors will cause a tectonic shift in the privacy landscape.

Regulations paving the way

Legal concerns lead the pack in terms of visibility in the security community - most recently under the heading of the General Data Protection Regulation (GDPR). Though this is far from the only piece of legislation that impacts how companies handle personal data. With regulations set to come into effect on May 25, 2018, privacy is top of mind of many technologists, crucially compliance is going to drive visibility through 2018 and beyond.

Regulations and guidelines protecting people's privacy include:

  • The GDPR, a European-led regulation that will affect global businesses that hold or process the personal data of any European Union resident.
  • EU ePrivacy Regulation, which cover confidentiality of information, treatment of traffic data, spam and cookie, which will be updated to come into line with the GDPR. This will impact cloud service providers and cross-border transfers of data worldwide.
  • NIST Special Publication 800-171, a requirement on suppliers to U.S. federal organisations to adequately protect controlled unclassified information (CUI) including the privacy of personal data for which they are responsible.

Societal change

Technological and societal changes are two other major factors. Individuals are used to trading convenience for privacy as they use location-based and ID-tracking services on mobile phones and home assistants, and predominately accept this in their private lives.

In the workplace, the benefits of a more human-centric approach to security (focusing on the interaction of people and critical data) will lead to increased data collection. This is an effort that must be handled carefully if it is to remain both legally and culturally acceptable.

Despite the importance of both these areas, the social shift in the most interesting. Here, large-scale data breaches (like Equifax) have raised the level of awareness in the business and technology community and shone a light on the role of data aggregators. As the Equifax breach has the potential to impact the average person on the street, privacy has moved from an abstract concept to something actionable.

Government involvement

Lastly, the geopolitics of 2017 cannot be ignored. The world seems less stable, with ongoing terrorist threats and a fluctuating political climate highlighting the uneasy tension between individual privacy and national security. This has given rise to continued discussions by governments on encryption and its role in a free society.

Each area alone could make 2018 an interesting year from a privacy perspective, but together they will ignite discussions on a political, enterprise and personal level. Unfortunately, our assessment is that these discussions will be more polarising than unifying, making little progress towards reconciling legitimate privacy concerns with genuine security needs.

Our privacy prediction for 2018 showcases a myriad of challenges for those tasked with protecting people, data and networks. It has never been more important to preserve user privacy in the face of ever-increasing regulations or making sure our personal data, once aggregated, doesn't fall in the wrong hands.

At the heart of our prediction is a requirement to understand the intersection of people with critical data and intellectual property. By placing cyber-behaviour and intent at the center of security, the industry has a fighting chance of keeping with the massive rate of change in the threat environment.


About the Author

Richard Ford 

Dr. Richard Ford is the chief scientist for Forcepoint, overseeing technical direction and innovation throughout the business. He brings over 25 years' experience in computer security, with knowledge in both offensive and defensive technology solutions. During his career, Ford has held positions with Virus Bulletin, IBM Research, Command Software Systems and NTT Verio. He has also worked in Academia, having held an endowed chair in Computer Security, and worked as Head of the Computer Sciences and Cybersecurity Department at the Florida Institute of Technology. He holds a Bachelor's, Master's and D.Phil in Physics from the University of Oxford.

Published Tuesday, December 12, 2017 7:24 AM by David Marshall
January 2018 | Privacy News Highlights - (Author's Link) - March 4, 2018 12:30 PM
January 2018 | Privacy News Highlights - (Author's Link) - March 5, 2018 12:12 PM
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<December 2017>