Client Insights, Senior Consultant
Center for Applied Insights
In 2012 we saw significant data breaches across multiple industries and governments impacting millions of users. Will 2013 bring more of the same? Is this an uncertain future we will have to live with? Can we accept degraded privacy and security and billions of dollars in lost revenue, damage, reduction in brand value and remediation costs?
Last year, a number of major security themes were part of this uncertainty – cloud, mobile, social media, big data, compliance, advanced persistent threats, physical infrastructure security, and the changing nature of information security leadership. None of these issues are going anywhere. In fact, into 2013 and beyond these issues are only going to become more important and will become the concern of more and more enterprise leaders.
All of these disparate issues come together in a new infographic from IBM. It knits together the pressures CEOs are feeling to deliver transformation with limited resources, the changing role of information security leaders, the threat landscape and the best practices to address that landscape. It connects enterprise priorities with information security practices, achieving innovation while dealing with risk.
In 2012, the IBM Center for Applied Insights released a series of security-related pieces that focused on a number of these important issues. We looked at the changing role of the CISO and other security leaders in our 2012 CISO Assessment. We also published a series of best practices for security leaders through our eight article Security Essentials series. In 2013 we will continue to provide insights on information security.
- Enterprise security organizations will become more independent and work with the audit committee and risk officers more.
- Data scientists will increasingly analyze and correlate security data as well as unstructured business data to reduce the risk of breaches.
- Threat data will be shared more readily between the government and private sector, and amongst private sector companies.
- Organizations will begin monitoring the information shared on social media back channels to detect threats earlier.
- Compliance will remain a strong security driver and will be weighed against the rise of a risk-based approach to security.
- Because of data, identity and monitoring technologies, cloud security will go from "mystery and hype" to "secure and move-on".
- Mobile devices (the device, network and applications) will be significantly more secure – more than laptops are today.
- The type of data collected and inspected to detect advanced threats will increase in variety and volume.
Keeping these ideas, trends and emerging issues in mind, information security leaders must rise to the challenge of creating a future that isn’t like today. By using their best practices to connect with and support enterprise-level goals they can create a better, more secure, future.