Virtualization Technology News and Information
ForgeRock 2023 Predictions: Five Data Privacy and Security Predictions


Industry executives and experts share their predictions for 2023.  Read them in this 15th annual series exclusive.

Five Data Privacy and Security Predictions from ForgeRock

By Eve Maler, CTO at ForgeRock

Data breach and credential theft trends have accelerated in an alarming fashion. In 2021, we saw 4.7 billion U.S. data records breached, a 37% increase over the prior year, with 60% of records containing a Social Security Number or date of birth. In 2022 security professionals had to navigate continued increases in remote and hybrid work, massive data breaches, and uncertain economic times. Many of these challenges will carry forward into 2023, cementing data privacy issues as a top security concern.

Here are my five top predictions for the coming year, which I anticipate will manifest as the worlds of data privacy, cybersecurity, AI, and the broader tech industry intersect like never before. 

Data privacy will move to the forefront of technology conversations

In alignment with consumer protection, cybersecurity, data portability, and technology ethics trends, 2023 will be the year when every organizational stakeholder becomes invested in data privacy for solving multiple problems. Beyond keeping data out of the hands of cybercriminals, privacy is now a core component in Zero Trust security, antitrust concerns, AdTech disruption, data portability across services such as in open banking, and more. Regulations will accelerate and broaden to encompass multiple motivations.

Prepare for more passwordless authentication

Passwordless authentication is closer than ever to becoming fully realized. Several industries, especially retail, are facing increased security, fraud, and account takeover threats as they adopt new digital channels and technologies. As more organizations take advantage of digital wallets for payment, biometric authentication, and passwordless authentication, we can expect to see more pressure on technologists to adapt, ensuring high authentication assurance in every user journey while keeping the customer experience within and across channels seamless.

Decentralized identity will get a boost

The concept of decentralization is typically associated with Web3. However, decentralized identity has recently been gaining traction through mandates for the use of digital wallets, for example in the EU's eIDAS2 regulation and movement towards U.S. mobile driver's licenses. In 2023, decentralized identity will solidify its role in society as wallet technology becomes more broadly adopted for identity purposes. This will open up opportunities both for strong, passwordless authentication to merge with wallet tech and for better methods for user control of personal information.

Expect more AI at the heart of identity

In 2023, we'll see increased adoption of artificial intelligence (AI) to secure identity and access management (IAM). As more of life - and work - has gone digital and remote, cybercriminals have found more opportunities for data breaches and account takeovers. AI, when made explainable and when appropriately paired with human oversight, has the potential not only to make identity safer for consumers and employees, but also to improve the lives of the cybersecurity professionals who must make sense of massive amounts of data.

Digital consent will be re-evaluated

The idea of "consenting" to let an organization learn, store, and use your data is central not just to privacy conversations but also to ensuring proper authorization for access to personal data and building trusted relationships with digital service providers. In 2023, we'll continue to see more guidelines drawn to mitigate ongoing confusion about what digital consent means and looks like. Traditional "opt in, opt out" consent has unfortunately become a worrisome pattern. Users of connected services understand that they're not fully able to choose what happens with their data, and some of the techniques organizations are using to persuade users to say "yes" are increasingly suspect. This will further blur the line between personalizing online experiences and obscuring users' options. Consumers will become more adamant in demanding better answers.

These are just a few of the major considerations security professionals must account for as we head into a new year with its own unpredictable twists and turns. By understanding these shifts and preparing for the security and data privacy changes ahead, the industry can set up their security and adjacent teams to weather any storm.




Eve is a globally recognized strategist, innovator, and communicator on digital identity, security, privacy, and consent, with a passion for fostering successful ecosystems and individual empowerment. She has 20 years of experience leading standards such as SAML and User-Managed Access and publishing research in the field, and has also served as a Forrester Research security and risk analyst. 

Published Tuesday, December 20, 2022 7:35 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<December 2022>