Future of cyber security will depend on risk and trust factors

bQXHuL9FnWTzoidAbDo4YE

With remote working strategies and digital platforms increasingly becoming the norm, organisations are more vulnerable to cyber attacks than ever before. The adoption of mobility, cloud and internet of things has increased the attack surface. Ransomware, cybercrime and state-sponsored attacks are becoming normal events and causing major disruptions at eye-widening costs and severe reputational damage. Faced with daily cybersecurity incidents and inadequate responses, consumers, citizens and partners are beginning to question their trust in technology, businesses and governments.

 “Trust is the new agenda of CEOs and it is related to data, where we use the data, how we use the data and how much of the data we create. The world is digitally and rapidly advancing to the third platform [mobile, social media, cloud computing and big data],” David Reinsel, Senior Vice-President for IoT, mobility and security at International Data Corporation (IDC), said.

The second platform was pretty straight forward, he said, with client-server model – PCs, LAN and internet.

But the third platform exploded the number of connected things, the amount of data being produced and the amount of data needing protection.

By the end of this year, IDC predicts that there will 39,000 corporate data centres globally trying to manage data created by more than 31b internet of things using 7m edge locations.

“This complicated ecosystem of core edge endpoints will have three main pillars – the data being created and processed, the network along which the data travels and the applications that will use the data to deliver AI, data to inform real-time decisions and drive autonomous vehicles.

“Data will be so integrated into our lives that it needs to be protected and trusted. The problem is most of the data that needs to be protected is not protected,” he said.

By 2020, 59 zettabytes of data will be created worldwide. Out of that, 54% of the data will not be protected and needs someone to protect it.

Protecting the privacy of digital assets

“This is an issue that impacts trust. Protecting the privacy of digital assets by anticipating, identifying and containing risks is critical to mitigating these crises,” Reinsel said.

IDC expects that within the next five years, 25% of security services spending will be devoted to ensuring the trust framework and these frameworks must be opened to broad participation with transparent, governance and compliance guidelines.

Implemented correctly, he said they will assure to end-users and regulatory bodies alike.

To restore a sense of trust, he said that security must become a fundamental pillar of the organisation and sit at the very core of the digital transformation process with threat management, vulnerability management and identity management, all working in tandem.

IDC defines trust as the condition that enables decisions to be made between two or more entities that reflect the level of confidence (risk and reputation) between parties.

Reinsel said that breaches are one of the factors that erode trust.

Target was fined $292m, British Airways with £183.39m and Yahoo! with $85m for security-related issues while Google with €1.5b, Uber with $148m and BP with $65b for other trust issues.

Kaspersky research has shown that personally, identifiable information is the most frequently targeted type of data amongst cybercriminals (40%) and 29% of companies surveyed experienced issues with attracting new customers after a data breach.

“We have an issue with trust and today, it is harder than any other time to know what is real or fake. It is easy to fake,” Rensel said.

Samsung’s AI Centre and the Skolkovo Institute of Science and Technology has created an ability for static images to become live and like a real human being (deep fakes).

“This [deep fakes] poses a major problem,” Rensel said.

Need to create ‘Chief Trust Officer’

By 2025, IDC believes that new media enterprises will invest 1% of advertising revenue for auditing and rating services based on blockchain, AI, digital rights management to guarantee the veracity of their information.

However, Rensel said that one of the things that build up trust is radical transparency, allowing partners and customers to see what is behind the curtain.

The future of trust, he said lies in five pillars – security, risk, compliance, privacy, and social responsibility and ethics.

“Customers are watching how a business behaves. How we leverage the trust is that matters. Continually validate the risk status of your organisation to ensure risks are consistently identified, addressed and mitigated,” he said.

He urged organisations to create a “Chief Trust Officer” position that can drive trust roadmap and provide governance across all functional areas that relate to trust including physical security, cybersecurity, risk, compliance, legal, privacy protection and finance.

“Begin work on your corporate trust programme now. We know that the change is coming and the future of trust is ahead of us.  Best is to drive and affect the change before the board of directors dictates the change,” he said.