It’s going to be an interesting year in digital security, suggests the Security Industry Association’s “Data Privacy and Security Trends for 2018” report.
The first key trend outlined in the report is the rise of AI, both for the good guys and the bad guys. The report quotes Alan Silberberg, CEO of digital security consultancy Digijaks, as asserting that very soon “AI-driven malware is going to be a much larger driver of cybersecurity because it’s a driver of tools that criminals use,” and asserts that AI systems designed to monitor an organizations’ entire IT environment, including connected devices, on a round-the-clock basis are going to be urgently needed.
Furthermore, standards ought to be developed and implemented, the report argues. As an example, Silberberg explains that “Amazon could institute a cybersecurity protocol that every company has to adhere to before being allowed to have a server,” a move that could extend robust security across the Amazon ecosystem. And connected to these kinds of measures is the need to reinforce a strong security culture within an organization, along with clear policies and guidelines about digital security that can be applied across the enterprise so that security standards extend even to mobile devices and software brought in by staff.
Meanwhile, the traditional distinction between physical and digital security is going to blur, the SIA says. With video surveillance cameras having been leveraged to help bring down much of the internet in the DDoS attack of October, 2016, and HVAC equipment compromised in the Target attack of November, 2013, there is clearly a need to ensure that these increasingly connected devices also benefit from cybersecurity tools and practices, to help ensure there are no weak links in the IT chain. As security consultant Zane McCarthy explains, “How you respond to a physical breach and a data breach needs to be working hand in hand, as opposed to treating them as two separate incidents.”
The other major trends that the SIA predicts for the year are perhaps more high-profile. The European Union’s General Data Protection Regulation will come into effect on May 25th, forcing numerous organizations to adopt more sophisticated protections for customer data, and possibly to embrace the kind of ‘differential privacy’ data collection practices used by Apple and Uber to collect anonymized user data in aggregate, rather than on an individual basis. Meanwhile, the much buzzed-about rise of blockchain technology could open up new security methods and systems, such as enabling businesses to immediately detect suspicious activity in online activity based on blockchain auditing.
It all points to what promises to be an intense and innovative year in digital security. For more details, the SIA’s full report is available through its website.