Targeted ransomware, attacks on artificial intelligence-based solutions, and data privacy challenges are the three main IT challenges organizations need to keep an eye on in 2020, according to Netwrix experts. Organizations will also need to satisfy data access requests, increase cybersecurity awareness, deal with IT skills shortage, and justify security investments, predicts Netwrix.
Here are the top seven IT trends that will affect organizations in 2020, according to the information security and governance software vendor:
- Ransomware will continue to rise. In 2020, ransomware attacks will become even more targeted and sophisticated. Organizations that store a lot of personally identifiable data — such as those in the healthcare, finance, and government sectors — will be chief targets. To mitigate this threat, CIOs will have to implement measures to ensure fast detection of ransomware attacks and enable prompt recovery.
- AI-based solutions will be a new target for attacks. As organizations implement more solutions based on artificial intelligence (AI) and machine learning (ML), both researchers and adversaries will be experimenting with ways to misuse or mislead those solutions. While vendors need these results to improve cybersecurity, hackers will use them to conduct targeted attacks.
- Data privacy will create demand for new business services. The issue of ensuring consumer, customer and employee data privacy is already on organizations’ radar; the Netwrix IT Trends 2020 report found that 43% of businesses consider data privacy to be their top priority for 2020. To comply with new data privacy legislation being enacted, businesses will have to demonstrate that customer data is gathered and processed lawfully. As a result, the U.S. market will see new offerings that combine legal and IT services to help organizations with their compliance efforts.
- Satisfying data access requests will be increasingly important. Privacy regulations often require organizations to satisfy data access requests (DARs) within a certain time frame or face various penalties. Therefore, CIOs and CISOs will need to choose efficient methods for completing data searches in order to minimize the risk of compliance fines and lawsuits.
- Security training will become a necessity. More organizations will invest in cybersecurity training and consulting to minimize the risk of data breaches due to employee mistakes. CIOs and CISOs will have to justify the increased budget for the training sessions and prove their effectiveness to the larger executive team.
- The IT skill shortage will drive automation. With experienced IT security staff in short supply, CIOs and CISOs will look into automated solutions that streamline security and compliance tasks. Solutions such as robotic process automation (RPA) tools will help these organizations improve overall efficiency and free up IT resources to focus on data security.
- IT teams will need to justify security investments. As organizations allocate more budget to data security, IT teams will need to prove that those investments bring value to the business. To demonstrate enhanced productivity, reduced compliance costs or better IT efficiency, they will develop security metrics and KPIs to report to management.
“Organizations that adhere to privacy regulations and have effective security strategies don’t just avoid fines and lawsuits; they also gain a competitive advantage,” said Ilia Sotnikov, VP of Product Management at Netwrix. “Today, security and privacy are a great business enabler, since being able to readily demonstrate that customer data is processed lawfully and is well protected can increase employee efficiency and boost customer loyalty and retention.”