Story image

Insights: What will happen with data privacy in 2019?

24 Dec 2018

It is certainly the season for predictions and so without further ado, here are some insights from Ensighten CEO Ian Woolley regarding data privacy in 2019 and its potential threats.

No rest from regulation

Regulation was a hot topic in 2018 spurred on by GDPR coming into force and it will continue to dominate conversation in 2019 as other global policies such as the California Consumer Privacy Act (CCPA) play out.

The challenge we’ll see for global organisations is managing the nuances of regional data practices simultaneously.

Technology will help companies navigate this but as we’ve seen with GDPR there are various interpretations of what regulation means.

As such, many businesses may opt to employ the strictest data practices and processes companywide to avoid potential slip ups and penalties.

Still searching for answers

Data breaches have saturated the media this year and business leaders are starting to now realise the true impact a website hack can have on an organisation.

The financial and reputational risks, as well as possible job losses will ensure that security is at the top of the priority list for 2019.

As some businesses are having this revelation late, we’ll see more legacy hacks and leaks come to the fore.

Despite the urgency to address data vulnerabilities, most companies are still in the education phase of data governance and how and why breaches occur.

Therefore, we will see more companies scramble to protect themselves as they identify the real threats lurking beneath their website supply chain. Once companies have a clear picture of where they are vulnerable, we’ll see more investment in thorough data governance.

Glory hunting hackers and advances in AI

Many businesses fear that hackers will leverage AI to unlock new ways to infiltrate websites and apps at scale.

We may see video and audio manipulated to fool consumers but AI will most commonly be used to configure and learn defence tools to inform future breaches or to bypass more advanced security implementations altogether.

While many industry commentators focus on how hackers will evolve, a great deal of criminals will still prey on businesses that don’t have the basics covered, for example overlooking unauthorised third party technologies running on websites.

This will be the main cause of breaches and leaks throughout 2019.

As we’ve seen with the rise of Magecart, there is also a growing trend of groups taking credit for their crimes. We will see more named attacks in 2019, as hackers look to carry out bigger and more damaging assaults on businesses, especially e-commerce brands.

The birth of the hybrid ‘marketing security’ team

As many website hacks have highlighted in 2018 one of the core causes is problems with third-party technologies.

Via chat boxes, form fill and unapproved third-party tags on a website, criminals can gain access to customer data sometimes even without the organisation’s knowledge.

The challenge is that marketers are generally in charge of this data but haven’t necessarily been accountable for the protection and security of this data. In 2019, businesses will view security more holistically.

To do this companies will look to bring more senior security talent in house to navigate the new data landscape and regain control, rather than outsourcing security to multiple vendors.

But this will squeeze an already limited pool of skilled professionals. With lack of talent available we will likely also see a shift in the role of the marketing team – businesses will put more onus and investment in upskilling marketers so that they have a marketing security remit.

At a more senior level, we’ll see the CMO and CISO start to work more closely to mitigate security vulnerabilities.

2018 has been a learning curve. New data regulation has revealed issues that many companies were not even aware of.

This, in the long term, is a good thing for data owners and also their customers. However, businesses are still in the process of addressing the security of their data and this will continue to trip up organisations in 2019.

Constant, thorough data governance will be a core requirement next year – brands that neglect to put the right processes, technology and people in place will pay the price.

Five things MSPs need to keep in mind in 2019
A Datto APAC channel exec outlines the most important factors for MSP to being paying attention to in the coming year.
Survey: IT pros nostalgic over on-prem data centre visibility
There are significant security and monitoring challenges faced by IT staff responsible for managing public and private cloud deployments.
61% of CIOs believe employees leak data maliciously
Egress conducted a survey to examine the root causes of employee-driven data breaches, their frequency, and impact.
Opinion: BYOD can be secure with the right measures
Companies that embrace BYOD are giving employees more freedom to work remotely, resulting in increased productivity, cost savings, and talent retention.
Sonatype and HackerOne partner on open source vulnerability reporting
Without a standard for responsible disclosure, even those who want to disclose vulnerabilities responsibly can get frustrated with the process.
OutSystems and Boncode team up for better code analysis
The Boncode and OutSystems alliance aims to help organisations to build fast and feel comfortable that the work they're delivering is at peak quality levels.
Security top priority for Filipinos when choosing a bank - Unisys
Filipinos have greatest appetite in Asia Pacific to use biometrics to access banking services
Nuance biometrics fight back against fraud
Nuance Communications has crunched the numbers and discovered that it has prevented more than US$1 billion worth of fraud from being passed on to users of its Nuance Security Suite.