In business, you\u2019ve got to be able to predict the future. But rather than juggling a crystal ball, deduct from what you already know. Leaders should scan the horizon for innovation and think through the consequences for their customers\u2019 expectations and lives. And with technological change always comes information security challenges.<\/p>\n
I\u2019ve been keeping my eye on a number of developments I believe will change IT security as we know it, in the year ahead. Look into these five innovations and their implications for your business.<\/p>\n
Tech giants just keep seeking more of customers\u2019 personal data. At the end of 2019, Google announced plans to acquire health tracking company Fitbit<\/a><\/u>, and a partnership with Ascension, a healthcare records system used in 21 US states. Apple and Amazon have made similar moves toward customer\u2019s health data<\/a><\/u>. Other companies of all sizes will take a similar path to track customers\u2019 habits and preferences.<\/p>\n The sources of customer data will keep getting more diverse. One autonomous car could generate 40 terabytes of data<\/a><\/u> for every eight hours of driving.<\/p>\n What does this mean for business? <\/strong>Headline-grabbing examples like these mean activists and broader society will pay ever-closer attention to how data is handled. Expect increasingly stricter government regulation on data use.<\/p>\n Many companies who\u2019ve handled some cybersecurity in house are now looking to outsource, because it\u2019s faster and cheaper, and they get a better overall service.<\/p>\n Some IT vendors have already changed their offers from licenses to services. A license gives a customer a tool to solve a problem while the service actually solves their problem.<\/p>\n<\/blockquote>\n The market for managed services might almost double<\/a><\/u> by 2023. It\u2019s a competitive landscape. Service providers will need to distinguish themselves by providing more specific cybersecurity services, where expertise is crucial. According to a recent Kaspersky survey, 74 percent of managed service providers named cybersecurity expertise as a key client need<\/a><\/u>.<\/p>\n And for business? <\/strong>Information security vendors must adapt their intelligence and expertise to a service model. Simplify delivery as services rather than products, through managed service providers.<\/p>\n Industrial cybersecurity is now moving fast. It\u2019s all about letting organizations protect industrial endpoints as they would corporate ones. In 2019, four in five industrial organizations said they were prioritizing managing operational technology (OT) and Industrial Control System (ICS) network cyber risks<\/a><\/u> in the year ahead. This emphasis will help build industrial protection expertise. We need more people who understand vulnerabilities in equipment and the Internet of Things (IoT).<\/p>\n More industry and manufacturers will use smart components and entire IoT platforms\u00a0 to improve efficiency, such as smart meters<\/a><\/u>, predictive maintenance<\/a><\/u> and digital twins<\/a><\/u>.<\/p>\n What should business do? <\/strong>The focus should be on identifying vulnerabilities in industrial equipment, and patching them fast. If you\u2019re responsible for systems critical to your industry, consider advanced threat detection and response systems, and look for industrial threats expertise.<\/p>\n Identify what smart components you\u2019re using and make sure they\u2019re protected.<\/p>\n Businesses are using <\/a>machine learning and artificial intelligence systems more<\/a><\/u>, because they can expand product and service use, from finance and banking, to manufacture and biometric authentication. Their security will be strategically important.<\/p>\n They\u2019re also popular targets for compromise attempts, including using adversarial techniques meant to spoil machine learning algorithms<\/a><\/u>. For example, bombarding an algorithm with data that may appear clean, but includes deviations too small to detect a bad sample, gradually erasing a once-clear line between clean and harmful files, triggering false positives.<\/p>\n What should you do? <\/strong>Protect machine learning-driven systems from compromise with dedicated experts who understand machine learning and adversarial techniques, and can build cyber protection for each case.<\/p>\n The same applies to cybersecurity systems that use machine learning for attack detection and response. Review these systems for vulnerability.<\/p>\n2. Cybersecurity will move to a service model<\/h2>\n
3. Industrial cyberattacks will change cybersecurity expertise<\/h2>\n
4. Machine Learning will need its own cyberattack protection<\/h2>\n
5. Businesses will need new ways to innovate<\/h2>\n