Quick peek: data protection headaches, supply chain and logistics risks, data sovereignty challenges and increased attack surfaces due to remote-working.
Let us get right down to the meat of this article for predicting the data protection and data management trends in the new year:
- The attack surface will continue to expand as ways of working evolve
Organizations’ attack surfaces include all the possible ways an attacker can get into their devices and networks and lock up or exfiltrate data.
So, it is essential to keep attack surfaces to a minimum. The problem is that attack surfaces are continually growing as more people work remotely on multiple devices and create more entry points for cybercriminals to carry out cyberattacks. Worse still, attack surfaces are constantly changing. We are not talking about a single surface but many disparate fragments. Furthermore, control of endpoints is becoming increasingly complex as employees leave organizations, and retrieval of equipment becomes harder.
The bottom line is that breaches will inevitably happen in the coming year, and organizations will have to do a better job of recognizing breaches so they can extricate themselves as quickly as possible. Security and recovery strategies must be more thorough and practiced. As the attack surfaces expand, those strategies must cover not only on-premises data but data in the Cloud, at the Edge, and everywhere in between.
- Data sovereignty will create even greater complexity for data management
As organizations grow globally and become more interconnected, the rules around data privacy have become far more complicated. For example, a company based in Germany may use a US-based company like Amazon or Google to store and send data. The question is, where does that German company’s data legally reside, and by what rules is it governed?
The answers to these questions are complex and unclear. Global experts of IT, legal, and HR are discussing passionately how to interpret our constantly evolving reality of data processing. That is why in one survey, 86% of IT decision-makers said their organizations have been impacted by changing compliance requirements for data privacy.
Organizations no longer have a single data lake at their corporate headquarters that IT can focus on protecting. These days, much of their data resides in the cloud, which means they have a globally distributed data infrastructure. They must keep track of sovereignty issues in different jurisdictions, and to do this, they will need help. Cloud providers will have to work more closely with their customers to manage sovereignty and compliance with varying rules.
In the year ahead, the onus will be on both organizations and public cloud providers to improve compliance and data sovereignty issues by improving their understanding of what is in the petabytes of data they are storing, and the regulations around every element of that data.
Businesses can no longer be satisfied by simply backing up data. They will have to get smart about their data content and put policies in place around that content.
- Global supply-chain issues will continue to be a data-protection issue
Supply-chain issues are creating significant disruptions to the global economy, with everything from cars and refrigerators to semiconductors and toys in short supply. These issues look likely to continue well into 2022. In fact, in some surveys in the USA, a majority of CFOs polled expected the issues will not be fixed until the second half of 2022 or later.
In the wake of the Colonial Pipeline ransomware attack, logistics issues and digital risks such as cyberattacks will cause further disruptions to the global supply chain in the coming year. The supply chain will remain a top priority for organizations in 2022. That means they will need to be actively armed with data protection solutions to restore the supply chain to a working state and meet the demands of their customers.
Specifically, organizations will need to ensure that cyberattacks do not compromise their supply chains any further, and that data remains available 24/7 and can be instantly recovered.
- The Data Protection Officer will grow in strategic importance
The DPO is an enterprise security leadership role that, under certain conditions, is required by the General Data Protection Regulation (GDPR). In fact, according to the latest GDPR stats, the demand for Data Protection Officers has risen by over 700% over the last five years.
The role of the DPO is poised to grow in strategic importance in the coming year, particularly as their responsibilities will extend beyond traditional IT to encompass a holistic view of data privacy, security, and education. The DPO can even open new opportunities across the organization. For example, in a world of remote-working, the DPO will be a strategic enabler especially as it becomes clear that the virtual workforce is here to stay.
The challenge of data protection is predicted to become even more daunting in 2022 and beyond. As companies store more data across on-premises, cloud, hybrid, and third-party systems—and as data regulations grow and multiply—companies must stay on top of the ever-evolving data landscape or risk sinking altogether.