2016: Cybersecurity Can Mean a Year of Opportunity
Every January, predictions for the year to come arrive from every quarter for just about every industry and sector. Digital transformation is no exception, as forecasts have been rolling in. Without a doubt, 2016 promises to be a year of technological innovation and corporate investment throughout the global economy. And one key to getting the rewards from these labors will be for businesses to integrate cybersecurity into everything they do. Thus, I want to highlight some areas where this will be critical, and to look at the environment that will help shape this digital transformation.
For a good take at what lies ahead, IDC’s recent report on its predictions for 2016 and beyond is well worth the read. Briefly, the report details ten predictions based on the expectation that companies will dramatically increase investments that leverage the “3rd Platform” (the cloud, big data analytics, social business, and mobility). Every prediction describes moves that companies will or should make given the coming developments. As I’m advising my clients, companies will need to incorporate cybersecurity into each such move to maximize its benefits.
For example, the report predicts that by 2018, the number of Internet of Things (IoT) devices will more than double, matched by the development of over 200,000 new apps and solutions to take advantage of those devices. With good planning, businesses can make sure that each additional IoT device is not another pathway for a bad actor, that each additional app is not another doorway to a company’s IP. As the report itself notes, “[i]n 2016, CIOs and their teams must put together assessments and action plans to prepare for the oversized impact IoT will have on IT infrastructure and security.”
IoT, though, is just one example. Another prediction is that businesses will become increasingly dependent on their own coders. The report forecasts coder teams focused “not on integrating, managing, and adding functionality to packaged software aimed at internal operations like finance, HR, and sales – but on developing code that’s integral to the organizations’ offerings and defines an enterprise’s value and competitive edge in its marketplace.”
The cybersecurity need here is palpable. The more code drives a business, the more that business needs to fuse cybersecurity within that code. It will thus be key for companies to weave cybersecurity expertise into these coder teams, either with in-house personnel or outside service providers.
Notably, all of the predicted innovation will not occur in a vacuum; it will happen in a global environment of cyber connection and varying regulations. It’s important to consider what lies ahead on these fronts in 2016. Here are three questions I’m focused on:
Will we see a reduction in nation-state attacks on businesses? It is hard enough for businesses to defend against cyber criminals and hacktivists; it’s that much harder to defend against attacks backed by a state actor’s resources. With the recent G-20 agreement against state hacking for commercial gain, we can hope for a reduction in these attacks, but it’s way too soon to judge the accord’s success. I’ll be monitoring this closely.
How will the privacy debate unfold in the West? With the Paris and California attacks, we’ve seen renewed pressure to allow greater electronic surveillance. While this debate certainly applies to consumer apps and encryption, it’s not limited to them. The debate’s outcome will affect cybersecurity throughout the economy. And then there’s the global, patchwork quilt of privacy regulations. Will 2016 be the year we start to see countries harmonizing their digital privacy laws?
Assuming a cyber information sharing law is voted out of the U.S. Congress and signed by the President, will U.S. companies successfully leverage it and the President’s executive order on information sharing? 2016 is the year of promise for cybersecurity information sharing. However, much
No comments: