2018 predictions: The end of the 'passive trust' era
Written by Stuart Reed, Senior Director, NTT Security
This year saw a number of huge breaches of customer data, including names, contact details and financial information. Understandably, this has been met with anger from customers who trusted those organisations with their personal information. There is a recognition that personal data has value – not just to the organisation it is provided too, but also for the purposes of cyber crime. GDPR will of course help sharpen the focus of organisations in regards to the management of personal information, though 2018 is likely to see a more weary consumer who will be less likely to freely share their personal data or, perhaps, provide minimal or less accurate information in the first place.
Recent high profile breaches suggest that some organisations may still be taking a gamble when it comes to cyber security maturity. As examples of high profile breaches continue, and the costs of an impact escalate, organisations will need to consider new metrics to calculate acceptable risk. This may not mean they change their risk profile immediately, but it will, at least, mean they are more aware of their exposure to breaches and their likely financial impact.
It is worth noting that not all the high profile breaches in 2017 were due to cyber crime in the first instance; many are still as a result of poor data handling. This is likely to continue until organisations implement processes and procedures for good data management across the whole of the organisation, and measure their employees against them. 2018 should see a greater emphasis on incident response planning and processes and potentially see cyber security linked more widely to overall HR policies and employee objectives in an effort to install a culture of awareness and responsibility throughout the organisation.
The rapid pace of the digital era is leading to digital disruption and a huge rise in digital transformation projects. In the excitement of using new technologies for competitive advantage, or indeed the fear of being left behind by digital applications, it is perhaps easy to see how cyber security could get overlooked in the race to take first mover advantage. As recent high profile examples illustrate, this could be a costly mistake. To truly maximise the opportunities that digital transformation provides, the coming year may see cyber security playing a crucial role in unlocking the true value of these projects. If consumers have confidence that the new digital applications they use offer both benefits and security, they are more likely to adopt them – and continue to use them.