Skip to main content

Stay ahead: 3 enterprise security trends every CSO needs to be aware of

In 2013, the cybersecurity industry experienced the most disruption since the advent of the firewall in the late 1980s. The revelations about government spying leaked by Edward Snowden unearthed new gaps in security and privacy for citizens and companies across the world. The so-called Internet of Things –the ongoing trend of connecting everyday objects to the Internet – has brought devices from our homes, offices and beyond within a finger's swipe across our smartphone screens. Finally, this year saw the takedown of several massive illegal file-sharing sites, leading some industry watchdogs to ponder; will 2014 usher in the return of digital rights management (DRM)? These events will affect businesses, governments and workers in the year ahead in novel ways and present fresh opportunities to the security industry.

The challenge of the Snowden effect

Snowden's impact on IT spending in 2014 is the biggest opportunity in the enterprise security industry. The leak exposing that the National Security Administration (NSA) and cooperating government agencies, such as the UK's Government Communications Headquarters (GCHQ), can access private company and personal data caused an unprecedented change in cross-border cloud computing spending (opens in new tab).

Non-US companies pulled out of contracts with US cloud computing firms and a full 56 per cent of non-US companies were hesitant to work with US based cloud operators moving forwards. This was bad news for US tech giants implicated in the scandal, such as Google, AOL, Yahoo and Apple, among others.

For some within the security industry, this was actually positive news. Companies across sectors that offer different types of cyber security solutions benefited because the incident provided an opportunity to educate the market. In 2014 and beyond, this effect will only be compounded as most executives consider data security, specifically, a priority because they are looking more seriously at the internal controls preventing data leaks.

The security industry expects that most companies, whose eyes were opened to security vulnerabilities because of the Snowden leaks in 2013, will expose and fix their company's own security issues moving into 2014.

Securing the Internet of things

The challenge the Internet of things presents to the enterprise – beyond critical decisions about whether to connect the staff room refrigerator or the office dog to the Web first – is primarily security related. As these past examples highlight, what the Internet of things is really doing is putting more data into places where it is has never been before. In a more rational context this is exhibited by the mobility of the workplace today, the bring your own devices (opens in new tab) (BYOD) trend and, of course, cloud file storage.

Consequently, this change in data usage and storage underscores the need for a different approach to enterprise IT security. Rather than retrofitting "frankensecurity" to each of the vastly different types of devices and workflow software that employees use to be more productive, it is far more useful if security follows data to whatever device employees want to use. The file-centric security model helps provide IT admins with protection to ensure they keep their chief information officers' (CIOs') security interests in mind, and balance that with what employees demand today, as far as device and telecommuting flexibility.

In 2014, as the Internet of Things pushes the boundaries of where data is stored even further, teams must provide data security solutions that employees are eager to use, rather than forcing them to adopt clunky technology solutions that impede productivity. This was the problem with shadow IT over the past few years, during which employees used unsanctioned versions of cloud services such as Dropbox and Box without IT knowing.

In 2014, this will no longer be tolerated, and companies must provide their employees with technology that gives them access to data everywhere, protects company assets at all times and also has a friendly, simple interface similar to the unsanctioned shadow IT apps that employees have become accustomed to using.

DRM strikes back

The debate in most countries about the legality of sharing un-owned media property files is finally over. In this way, 2013 marks the death of peer-to-peer file sharing. Artists and media producers have been sick of it since Napster started, and court battles in favor of the artists continue rolling in. This includes an October court order to put ISP blocks on 21 file-sharing sites (opens in new tab), as well as a December settlement for Hotfile to pay Hollywood studios $80 million (£48.1 million) in damages over file sharing.

If official court rulings over illegal media sharing aren't enough to put nails in the coffin of free-content sharing, Internet thought leaders from the World Wide Web Consortium (W3C) have also revealed plans to implement DRM in Web standards.

In 2014, the DRM market is poised to explode, helping artists maintain the propriety and value of their works. While DRM is often looked at from the point of view of music and video file sharing, new business models will surely open up around protecting digital written works, such as e-books and movie scripts.

The turbulence that security companies course-corrected for in 2013 around the Snowden leaks, the Internet of things, and courts and industry groups' backing of intellectual property rights are key indicators of opportunities in 2014.

As we cross into the New Year and make resolutions to compensate for missteps in the past year, it's useful to consider where you stand and how to leverage these macro trends.

Moti Rafalin is the co-founder and CEO of WatchDox (opens in new tab), a provider of secure mobile productivity and collaboration solutions that enable the confidential sharing of important or sensitive files in an easy and secure way.