Though it’s obviously a matter of degree, leaders in businesses of all types and sizes face a similar conundrum: spending on cybersecurity infrastructure is rising, yet the threat of attacks and breaches continues to escalate at a mind-boggling pace. This challenge is driving the need for executives and security pros to circle the wagons and work holistically to address nagging privacy and security issues, and to establish methods of validating and reporting on the ROI of security controls. As leaders and IT teams jointly tackle the evolving threat landscape, several emerging trends are shaping their strategy and actions.
Trend #1) Leaders are requiring more proof. Increasingly, Boards and C-suite leaders are calling on security teams to measure, quantify and report back on the effectiveness and returns of their IT and security infrastructure. Leaders also want more evidence that security expenditures are positively impacting and supporting critical functions, such as business continuity, regulatory compliance and company valuations.
Trend #2) Companies are squeezing cloud providers. More and more businesses are using cloud-based solutions to protect vital digital assets. Accompanying this trend, researchers say, is a call for cloud providers to demonstrate the efficacy and integrity of their security systems and controls.
Trend #3) Regulations are expanding. Governments officially began placating public demand for data and privacy protections in May 2018 with the European Union’s General Data Protection Regulation. The same year in the US, California and Vermont passed similarly intentioned legislation. Dozens of other states have privacy and protection laws in the pipeline and, in time, are expected to follow California’s legislative lead. To avoid fines (and customer attrition), companies must be ready to clearly demonstrate their compliance with state, federal and sector-specific protections (such as HIPAA and the Financial Privacy Act). Some privacy-industry watchers also expect that leaders from areas of business not traditionally focused on cybersecurity (but who have a stake in privacy compliance–marketing, HR, finance) will gain more say in their firm’s cybersecurity investments and practices.
For expert guidance on how to apply technology to your business and security challenges, contact TeamLogic IT today.