Virtualization Technology News and Information
Article
RSS
Ground Labs 2023 Predictions: Data Security Advances In The Face of Threats

vmblog-predictions-2023 

Industry executives and experts share their predictions for 2023.  Read them in this 15th annual VMblog.com series exclusive.

Data Security Advances In The Face of Threats

By Stephen Cavey, co-founder and chief evangelist, Ground Labs

Data security has been top-of-mind for companies worldwide in 2022. High-profile breaches have eroded consumer trust and increasingly strict regulations hold businesses more accountable. Next year will prove no easier, but there is an upside. Continuing breaches and regulatory pressures will push many companies to take a more proactive approach to keeping data safe. As a result, they will overhaul their data management strategies and become more confident in their commitment to protecting customer data.

Data Security Facts Will Replace Unproven Assumptions

The executives and teams that manage data have often built their strategies around assumptions of what data they have and where it lives. This often means unknown data stores are insufficiently protected. Expect to see many firms build a complete data inventory for the first time, based on company-wide data discovery, and then modify their data security strategies to protect all of their data.

Incoming CISOs Will Innovate, But Require Training and Mentorship

Many companies will see the chief information security officer (CISO) position continue to turnover. Some CISOs will simply be burned out, while others will hope to shift roles before breaches harm their reputation. Many new CISOs will be younger and less experienced than their predecessors, driving demand for CISO training and mentorship. However, their fresh perspectives will drive them to question assumptions in data security strategies and replace them with fact-based approaches where needed.

A Massive Breach of Sensitive Data Will Act As a Global Wake-Up Call

Many data security regulations now acknowledge a special category of sensitive personal information (SPI), like passport numbers or genetic data, that requires a greater level of protection, and penalize the failure to adequately secure it harshly. Within a year, there will likely be a major breach of SPI that incurs huge penalties, serving as a wake-up call for many businesses to identify and protect their SPI data.

As Social Engineering Evolves, Paranoia and Vigilance Will Increase

Phishing is moving beyond emails and texts to unprecedented levels of deception using AI. Bad actors have already created convincing voice recordings of CEOs thanks to deepfake technology. All correspondence will need to be confirmed with the apparent sender. While this will undoubtedly spark FUD (fear, uncertainty and doubt), it will also encourage companies to double down on their data security efforts, in order to protect data from whatever form social engineering takes next.

Increased Risk Will Spark a "Less Is More" Approach to Data Collection

Executives in charge of data will perceive data collection to be riskier than ever as regulations like the General Data Protection Regulation (GDPR) and the pending American Data Privacy and Protection Act (ADPPA) impose greater restrictions on collecting data and greater penalties for failing to protect it. Expect to see a "less is more" strategy become common, as companies question whether they need to collect the information they do. For example, something as simple as storing a customer's gender may be unnecessary if the only use for it is adding Mr. or Ms. as an opening salutation where emails could easily begin with "Hello [First Name]" instead.

Even As Data Risks Rise, "Data-First" Will Become a Guiding Mantra

Companies are bringing together systems and processes that were siloed for many years. As a result, they now have the high-level insight needed to start to become "data-first" and automate all kinds of processes for optimal performance. In order to continue securing data at scale in a "data-first" company, end users will begin playing a role in automating data management and security.

2023 will be a challenging year, but a rewarding one for companies that resolve to improve data security. It's never too early to get started by challenging data security assumptions and aligning stakeholders around the need to collect data responsibly.

##

ABOUT THE AUTHOR

Stephen Cavey 

Ground Labs Co-Founder and Chief Evangelist Stephen Cavey leads a global team empowering enterprise organizations to discover, manage and secure sensitive data. He has deep security domain expertise focused on electronic payments and data security compliance.

Published Tuesday, January 24, 2023 7:37 AM by David Marshall
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Calendar
<January 2023>
SuMoTuWeThFrSa
25262728293031
1234567
891011121314
15161718192021
22232425262728
2930311234