‘What 2 things are most likely to change the security industry in the next 2 years? And why?’
Information Security, over the next two years will be shaped by a natural progression from Big Data to Deep Data and an ever-increasing focus by governments on Cyber Security.
Big Data has proven to not just be the next big buzz word but an essential tool in everything from building preventative security controls by modeling threats to security risk transferal by using big data to price cyber security insurance policies. The depth of the data will shift from the broad to deep; simply colleting large amounts of data will not be sufficient for progressing the analytical applications in security. This increased depth of information will raise the security implications of ensuring data handling compliance, access and limiting exfiltration.
Cyber security has been declared as the single most important national security agenda in the US and also in many European countries. The security industry will as a result see a number of trends continue and others emerge. At the top of that list is regulation and litigation. Although I am personally not a fan of increasing either of them it appears inevitable at the moment. Statutes such as the Computer Fraud and Abuse Act (CFAA) were originally drafted and enacted prior to the pervasiveness of computers in the home and work place and now in most pockets and purses. Failure to meet these increased regulatory structures will give way to litigation issues ranging from defining what types of damage are cognizable to what levels of security were contractually agreed upon within cloud services. Not surprisingly, I have witnessed several organizations shift the C(I)SO function under the purvey of General Council and several others fill the C(I)SO position with lawyers versed in technology.
Gabriel Gumbs | WhiteHat Security | Managing Director, Solutions Architecture | @GabrielGumbs
To find out more about our panel members visit the biographies page.
About the Author
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
