If there is any doubt just how significant the technology advancements of the new decade are likely to be, we need only to take stock of what we have observed over the course of our current decade.
Consider several of the technology sea changes we have witnessed in the 2010s that have reshaped the landscape of information security and paved the way for even more remarkable developments to come in the 2020s.
The rise of mobile: While smartphones existed in 2010, we’ve seen them become a central component of our daily lives. Simultaneously, the number of Internet of Things devices has exploded, with Gartner estimating more than 20 billion connected things will be in use worldwide by 2020. The traditional security perimeter will never be the same.
AI: It was not too long ago that AI fascinated researchers and academics, and not too many others. Over the course of the 2010s, AI has reached beyond laboratories and found its way into our residences and vehicles as voice-activated assistants like Alexa and Siri have become household names. Meanwhile, automobile manufacturers are investing heavily in AI-powered self-driving vehicles, which have gone from a farfetched sci-fi notion to one of the most-discussed technological breakthroughs on the near-term horizon. AI is now impacting many industries and professions, including cybersecurity.
Privacy: We started the decade with most of the western world largely apathetic toward privacy. In fact, if it meant a free cup of coffee or perhaps for no reason at all, consumers were willing to give away all kinds of personal information about themselves without a second thought. As we exit the decade, there has been a complete reversal in mindset – consumers are hypersensitive about sharing personal information, major privacy regulations such as GDPR have taken hold and CIOs have become markedly more discerning about what data they collect – and why.
Cybersecurity: Think back to the start of the decade, when protecting information was for the IT folks to worry about. A series of high-profile cyber incidents – Target, Sony, Yahoo, Equifax, just to name a few – quickly turned protecting business and customer data into a business imperative that commands the attention of boards of directors worldwide. This newfound focus on cybersecurity also has drawn attention to a serious skills shortage that leaves many enterprises scrambling for professionals who can keep them from becoming the next victim of a data breach.
Quantum computing: The 2010s saw quantum computing emerge as a technology that will need to be reckoned with, prompting giant tech companies and organizations such as NIST to consider what will happen once quantum computers powerful enough to run Shor’s algorithm are created.
So, where do the above sea changes leave us as we near the beginning of a new decade? Clearly, we’re in “To be continued …” mode in all of these areas, but there is more headway that still needs to be made in some areas than others.
For example, on the privacy front, most organizations by now at least have a check-the-box compliance procedure set up and many have implemented a whole data governance strategy. Others have gone even further, identifying protecting customer privacy as a core asset of their company.
Of course, there are further strides that need to be made, and the regulatory environment will continue to evolve, but thankfully, gone are the days when companies figured, “Let’s collect everything” without a plan for how to use and protect that data.
On the other end of the spectrum, the 2010s leave us with an especially concerning decade ahead when it comes to AI and quantum computing. Industry organizations, researchers and academia have pointed to an array of potentially alarming malicious use cases of AI, but to this point, there are few industry-wide standards or solutions of how to mitigate those risks.
We also begin the decade with an important race in progress on quantum computing – what will happen first, the development of a quantum computer that breaks internet encryption or the development and implementation of an algorithm that will be resilient to quantum computing?
As technology sea changes have unfolded over the past decade, a tremendous amount of progress has been made by those in information security and related professions, but the challenges are too great and the impact too far-reaching to rest on our laurels. There are many successes to build upon and unanswered questions to solve.
With so many weighty challenges on the horizon, it is clear that information security professionals will play a leading part in how the 2020s take shape, not only for enterprises, but for society as a whole.