9 Bold Predictions For The Future Of Privacy And Data
Predicting the future is a perilous task - especially in complex and fast-moving markets like the tech sector. Every year pundits are keen to make predictions at the start of the year. Many of them are less keen to review their predictions though from the previous year.
So it was with a mixture of confidence in my knowledge of market and fear of looking foolish that I recently submitted a blog for Commvault entitled: 9 Bold Predictions For The Future Of Privacy And Data. It aimed to look ahead to what people are terming the 'new normal' for the reality that we will all face post-COVID.
My blog was written a month ago, but only published a few days ago, and to my amazement two of the predictions have already come true. Read all nine and see which two you think might already have come true - I will tell you the answer at the end.
Problem 1: The move to the cloud is creating a massive data management headache
During the migration to the cloud, most organisations have an application problem. … Once they are in the cloud they have a data problem.
Problem 2: Adapting to the new normal
"Remote working can be a privacy and security nightmare."
Problem 3: Big tech firms appear above the law
Problem 4: Inconsistent global regulation
Problem 5: The threat landscape is getting worse all the time, and so is the complexity
Complexity is becoming as big a problem as cyber crime, with many CISOs spending more time coping with the security tech than they do coping with the threats themselves.
Problem 6: Companies are taking a tick box approach to GDPR
"The foresight of data protection, preparation and prevention isn’t necessarily cheap, but it’s a whole lot cheaper than hindsight and the technical, legal and reputational cost of getting it wrong."
Problem 7: Senior management is still failing to take data privacy seriously
Problem 8: Cyber insurance isn’t fit for purpose
Problem 9: We are heading for a cyber arms race
See the predictions in full at https://www.commvault.com/blogs/9-bold-predictions-for-the-future-of-privacy-and-data
So, which of the nine predictions above do you think have already come true?
First of all - Problem 3: The EU ruling that invalidated Privacy Shield and restricted the use of Standard Cntracual Clauses (SCCs) came as a surprise to many, but not to those that had followed the long running saga of Max Schrem's challange against Facebook. It came as litte surprise to me asI had been close to the campaign and had been fproviding support to Max and NOYB.eu (the NGO for GDPR enforcement). The full ramifications for the ruling have yet to be realised by most though.
We are still waiting to hear from the local regulators (DPAs) in countries like France and Germany on their interpretation of the ruling and their consequent guidelines - as well as from the ICO in the UK. In the meantime we have already seen guidance from the legal team for Criminal Justice Organisations (Police, Courts, CPS, Prisons/MoJ, etc.) in the UK. These guys definitely know their law and they have said that you can no longer discuss/share any personal data on cloud platforms or cloud services from US firms. This includes the use of everything from Microsoft Teams, Zoom, Salesforce, GMail or Office 365 to cloud platforms like AWS, Azure or Google Cloud Platform. If the guidance fom the local DPAs alignes with this then the ramifications would be massive. ALL organisations in both the public and private sectors would have to stop usine cloud platforms or cloud services from US firms when either discussing or sharing personal data of any EU citizen.
America’s European allies are not the only ones critical of mass surveillance in the US. A new Cloud Assessment and Authorisation Framework has just been released by the Australian Cyber Security Centre. It is closely aligned to the recommendations in Europe about using local cloud providers to avoid extrajudicial control and interference by a foreign entity. With both the EU and Australia calling for legislative reform, how long can Congress put this off? After all it can no longer just be portrayed as an EU problem. At the same time Japan, Singapore, Indonesia and others are currently reviewing their cloud security guidance - they are likely to reach the same conclusions as the Australians did (entirely independently of the EU).
Also - Problem 7: We thought it would take some time for individual directors to be held to account for data management failings ... however ... we have just seen details of a court case in New York. This will be one to watch, being the first over the line with no precedents set. It actually names the board members and CISO individually as defendants - which should make Wall Street and board members everywhere sit up and think.
Lets see how long it takes for a few more of my predictions to come true
@Commvault #Commvault #Sponsored #CommvaultInfluencer