Bad news for all businesses, big and small. Cybersecurity is going to get a lot more complicated in 2014. Global nonprofit IT association ISACA believes IT and cybersecurity professionals should resolve now to gear up for accelerated change and complexity in 2014, especially in cybersecurity, data privacy and big data.
“The pace of change expected in 2014 will put incredible pressure on technology professionals in the workplace with a focus on keeping IT risk in check while at the same time delivering value to the business,” said Bhavesh Bhagat, CEO of EnCrisp, co-founder of Confident Governance and member of ISACA’s new emerging business and technology committee.
Among the areas ISACA predicts businesses should be preparing for in 2014 include:
Prepare for privacy 2.0: Attitudes toward data privacy are unlikely to reach a consensus in 2014. Instead, be prepared to accommodate both those with little expectation of privacy and those who view their personal data as currency and want to control how that currency is spent.
Slim down big data: Explosive data volumes were the No. 1 issue posed by big data in ISACA’s 2013 IT Risk/Reward Barometer. Unmanageable data creates redundancies and is difficult to secure. In 2014, eliminate the excess and consolidate what remains, to promote sharing and protect using better controls.
Plan to compete for cybersecurity and data analytics experts: The need for smart analytics people and cybersecurity defenders with the right certifications is only going to grow in 2014. Businesses that plan on hiring in the new year need to make sure their compensation package and job descriptions are competitive.
Rethink how your enterprise is using your information security experts: With some elements of IT security operational responsibility (including malware detection, event analysis and control operation) increasingly being outsourced to cloud providers, smart leaders are enabling their internal security experts to become hunters instead of just defenders. This allows them to proactively seek out the most hard-to-detect threats, build internal intelligence capabilities, construct better metrics and invest in operational risk analysis.
Ramp up for the Internet of (even more) Things: With past research showing 50 billion devices expected to be connected to the Internet by 2020, start working now on a policy governing connected devices — many of which are invisible to the end user — if your enterprise doesn’t have one now.
ISACA provides a wide variety of guidance to help business and IT leaders maximize value and manage risk related to information and technology.
Have something to add to this story? Share it in the comments.