In spite of breakthroughs in technology and cybersecurity, 2018 witnessed a significant number of high-profile breaches. In response, the cybersecurity industry is evolving, with both users and providers becoming more security conscious. The following are 4 cybersecurity predictions that are expected to continue into 2019:
Privacy is a growing trend
As users begin to understand the importance and value of their data, they expect organizations to protect it. When they do not, users retaliate in many ways, including temporary or permanent boycotts. Stan Lowe, the Global CISO for Zscaler, believes, "Cyber breaches will have increased impacts on corporate stock prices." Over the course of 2018, Facebook was investigated for a major security breach which exposed the data of millions of users. This caused its stock to drop more than 20%. Growing cybersecurity awareness means that stock price drops resulting from breaches will only get worse. Moreover, it is expected that users will learn to manage their own privacy and data security will evolve accordingly.
Privacy laws will continue to fall short
Even though cybersecurity capabilities are improving, international, national and state laws will still linger behind. For instance, the US does not intend to propose new digital privacy laws for 2019. This is in spite of the numerous scandals which forced three of its social media giants to testify before congress. The fact that some of the largest corporations still have major security issues is evidence that digital security requires harsher laws to be implemented.
Fortunately, states are beginning to acknowledge the shortcomings of current cyber security legislation and are introducing or amending existing laws. In mid 2018, the California Consumer Privacy Act (CCPA), which will be implemented by 2020, was amended. It will give control back to users by allowing them to freely opt-out of the selling of their information and will give them the right to take private action against organizations that fail to protect their data.
Government overreach will continue to be an issue
Not only does the problem lie in the slow enforcement of regulation, but it is also rooted in the fact that governments are currently trying to gain access to more personal data and information in the name of national security. For instance, Australia recently passed the Telecommunications Access and Assistance Bill which allows police to demand access to encrypted messaging applications including iMessage and Whatsapp. Similarly, the US has been trying to do the same but attempts have stalled in the face of heavy criticism.
Focus will be on finding new talent
The wide gap between the cybersecurity industry's needs and the available workforce is not news. The government and security conscious organizations are struggling to attract and hold on to talent. For this reason, they will focus on reskilling and growing the cybersecurity workforce. In early 2019, the US government will launch the Federal Cyber Reskilling Academy, a program which trains federal employees who are not specialized in cybersecurity. The aim of this program is to help the government meet the high demand in an industry suffering from a wide skill gap.