2020 Predictions: Data Security

This is our first annual roundup of expert predictions for the coming year. Here’s what leading industry figures have to say about data security in 2020.

• Data Supply Chain – It’s no longer sufficient for an enterprise to simply lock down its own infrastructure, since every organization, large and small, relies on a patchwork of third parties for their data supply chain. As such, organizations are not only responsible for protecting their own data but ensuring its security and integrity when used by “downstream” companies. Several large data breaches this year did not involve the enterprises that collected the data, but rather their analytics service provider partners. My belief is that this phenomenon will drive the majority of big enterprises to insist on data protection and security as part of their supplier contracts and demand transparency from vendors in terms of their security posture and defensive measures. – Srinivas Mukkamala, CEO of RiskSense  
• 2019 was the year of synthetic data education. 2020 will be the year that its true adoption starts. 2020 is the year that there is an absolute raw consensus that synthetic data is the best method for data and data privacy for all continuants. Healthcare and ad tech will follow financial services in the surge in adoption. Synthetic data will also be a big part of the conversations to emerge on open banking in the coming year. – ARM Insight

• The importance of data and the value of data will continue to skyrocket, the data market will continue to grow at a fast pace, but: Smaller and smaller organizations (even individuals) are going to gain access to data unlike they have ever had access to previously. The struggle of how to get access to their data and how to derive value from it will be the biggest challenge organizations face. Everyone will be in “collect data” mode, not necessarily “secure data mode,” resulting in further breaches. – ARM Insight

• Third Party Data Sharing Models Evolve. Almost two-thirds of companies have experienced a data breach due to one of their vendors or third party suppliers highlighting the fact that external parties remain a significant source of data loss risk. This begs the need for a different model of data sharing that limits exposure. I expect that there will be increased adoption of data sharing practices that centralizes data instead of distributing outright to multiple external parties, which is the common practice today. This will result in consolidation of digital processing and utilize a privacy preserving analytics capability to support use cases for business intelligence and collaboration across multiple parties.  – Ameesh Divatia, co-founder and CEO of Baffle

• Data Responsibility Becomes a Competitive Advantage. The 2010s were marred with massive, high-profile data breaches and abuses of consumer trust (Facebook/Cambridge Analytica, Yahoo, Marriott, Equifax, Target). The 2020s will see a bifurcation between companies that protect user data and share it responsibly, and those that do not. Those that play “fast and loose” will see an immediate hit to their brand impact, mounting legal and regulatory costs and their long term health of their business come into question. In contrast, those that design their systems to share data responsibly will thrive and soar in value. – Ameesh Divatia, co-founder and CEO of Baffle

• Companies Protect Data at The Source. To protect themselves from both external and internal threats, businesses need to understand that they are already compromised. They must protect data as it is created and “fail safe”, instead of reacting to breaches. To speed responsible sharing, they will adopt data exfiltration control.  – Ameesh Divatia, co-founder and CEO of Baffle

• Data Revocation Becomes Standard. Similar to how Europe has a “right to be forgotten,” companies will begin offering the ability to destroy or shred their own personal data. Facebook, for example, already offers a “kill switch” data revocation method. I expect this will become ubiquitous among companies that collect and store consumer data. – Ameesh Divatia, co-founder and CEO of Baffle

• The Data Protection Service will Become a Security Architecture Standard. With the continued reliance on microservices, serverless compute and a more fluid and ephemeral services architecture, more companies will implement a Data Protection Service to provide a common security architectural model to protect their data, control access, and minimize data exposure. This new architectural model will pave the way for contextual access to data going forward. – Ameesh Divatia, co-founder and CEO of Baffle

Photo by Kevin Ku from Pexels