Infosec Trends in Spring 2019
As we move into spring 2019, information security experts have pinpointed several emerging trends that we can begin preparing for today. Some of these trends are picking up steam, while others are emerging technologies. By way of two sources, Information Security Buzz and Information Age, here are some of the more notable examples.
Passwordless authentication is growing in popularity for 2019, and can bring convenience and greater security, which don’t always go hand in hand. Touch ID and other biometrics are coming to various devices and puts accessibility solely in the hands of the user.
Data and workload storage in the cloud is increasing exponentially year over year, which clearly calls for stronger security and care as information moves away from local devices. Users and enterprises should implement encryption, need-to-know access, data recovery, and generally take steps to keep information as secure as possible.
Artificial intelligence and machine learning technologies are being used to automate monitoring of all services including cloud security services services. These technologies provide analytics and automation to assist organizations like ASU move increasingly to a proactive mode rather than the reactive response modes of the past. For example, new products can use predictive technology to actively and automatically investigate incidents and insights. Ultimately, these new solutions streamline previously manual processes of detecting malicious activity or potentially compromised systems offering fantastic advancements for enterprise security solutions. They can find not only malware (bad software) but also good software that is being used for bad things. While common antivirus programs don’t catch this, upcoming “endpoint security” solutions can.
Blockchain, the form of encryption technology behind bitcoin and cryptocurrency, has other applications. Due to its reputation to be able to provide “trustless transactions,” blockchain can be used to verify the signing of contracts and transferring of patients’ health information. It’s not a universal technology yet, but certainly an emerging area.
Security concerns related to the “Internet of Things” and the proliferation of devices has been well-documented over the last few years. This year’s message is similar, many of these devices were not designed with security in mind. As there are more and more devices connected to the internet it’s important to follow a few basic steps. Consider the security features before you purchase, and once you’ve selected a device ensure that you update software patches regularly and follow best practices including changing factory default passwords and configuration settings.
There is renewed, expanded interest in privacy that will likely lead to increased regulatory compliance requirements. The European General Data Protection Regulation (GDPR), state laws in California and eminent in Washington are indicators of this trend. Consumers are increasingly interested in protecting their privacy and corporations and organizations are stepping up their game when it comes to requesting consent and providing unprecedented transparency around data usage for services provided.
This will be an interesting area to follow for potentially game-changing developments. We hope you enjoyed this brief summary of a few areas to keep an eye on. Make sure to follow UTO on Twitter @ASU_UTO.
Sources: Information Security Buzz, Information Age