Cybersecurity—the protection of valuable intellectual property, business information and financial transactions in digital form against theft and misuse—is an increasingly critical issue in India, especially in the light of ‘Demonetization’ and GST which have played a big role in transforming the way India transacts. The overall security landscape in 2018 will be an extension of what we witnessed in 2017 through ransomware attacks such as WannaCry and NotPetya. India was at the center of these attacks, which means the luxury of being aloof from global events of this scale is no longer available to institutions, governments, businesses, and individuals in India. An attack which plagues organizations in the US and UK is definitely going to hit us too.
In our opinion, the following five trends will define the cybersecurity landscape in 2018.
Privacy and Personal Data Protection: Privacy and personal data protection will be the focus in 2018. A growing number of organizations are now processing Aadhaar-related information and personally identifiable information of customers, which have given rise to the concerns around the privacy and personal data protection. Data security of the information will take the center-stage in 2018. First, General Data Protection Regulation (GDPR) of the EU will also have a considerable impact on the multi-nationals. Secondly, the Supreme Court of India’s ruling in favor of ‘Right to Privacy’ will also influence the security landscape. Due to this, for the first time in many years, organizations will start showing significant interest in advanced encryption and key management technologies in order to secure customer data.
Machine Learning in Cybersecurity: Machine learning (ML) in cybersecurity will go through a trough of disillusionment and will inch closer to becoming mature. As organizations will be keen to adopt solutions and technologies that can help them predict and prevent cyber security instances in real time, the market will witness numerous cybersecurity products claiming ML capabilities. Stakeholders should rationalize their expectations and focus on tangible outcomes using ML.
Customized security solutions: As the threat landscape is becoming complex with hackers launching targeted attacks on different organizations and their users, organizations are gradually realizing the need to add security layers designed for them or by them in-house. As a result, organizations will explore non-standard solutions including building in-house capabilities to meet cybersecurity requirements. Since the nature of every business is different, organizations will also invest more in localized solutions/products. It is probable that many organizations start building their own in-house solutions to fulfill unmet demands.
Indian security start-ups to garner spotlight: With growing need for customized solutions and disillusionment with a number of solutions, cybersecurity start-ups in India will find traction and may reach a tipping point in 2018. Many large banks, telecom companies, insurance firms, government organizations and e-commerce firms, among others, will find their security needs underserved by the existing security products and solutions in the market, thereby forcing them to look up to start-ups to build and implement innovative security solutions.
Back to Basics: Organizations will refocus on basics including protection of crown jewels. While malware and ransomware attacks will continue to grow, organizations will refocus on protecting what is really important. The focus will move from protecting endpoints to securing organizational data – whether in physical datacenters or in the cloud. Encryption, access control, cloud security, and secure DevOps will be some of the key initiatives in 2018.
In essence, 2018 is going to be a momentous year for cybersecurity. A lot will be on stake as the nature and frequency of cyber attacks will force organizations to multiply their focus on cybersecurity. Thus, given the increasing pace and complexity of threats and the clear focus on realizing a more cashless economy, organizations are advised to adopt approaches to cybersecurity that help them protect critical business information without constraining innovation and growth. It is high time that CIOs and CISOs keep their stakes high to deal with any security challenge that might cross their way in 2018.
The author is Partner and Leader Cyber Security at PwC India