Five information security and big data forecasts for 2014

In 2013, high-profile data leaks led many people to question how governments and businesses across the globe gather and store citizens’ data. The year also saw no end to the growth in corporate data stores and Australian companies moving more of their data to the cloud.

Looking to the future, what will be the impact of these events in big data and information security? Here are my five forecasts for 2014.

1. Intense focus on data privacy

Companies will have to pay significantly more attention to their data privacy obligations in the face of tightening laws in Europe, Australia and the United States. One of the biggest technology news stories since last year was Edward Snowden’s NSA data leaks. Even more than the efforts of legislators, the Snowden leaks have raised public awareness of organisations handle private data, particularly in the cloud.

Organisations now face close scrutiny of the way they store and manage customers’ and employees’ personal information. Across the globe regulators, customers and the media will harshly penalise organisations that fail to protect private information.

The volume of data created, sent, stored and needing protection will also continue to grow at more than 40 per cent each year, which means it will double every two years. Around 80 per cent of that new data will be unstructured. Will the tools organisations use to manage and protect information catch up with the growing data volumes and pressures to keep it safe? This question will be foremost in the minds of CIOs and compliance and security officers in 2014.

2. Searching the cloud

The economics of managing email in the cloud are very appealing to Australian organisations. According to Frost and Sullivan research at the end of 2012, 43 per cent of Australian businesses had adopted some form of cloud computing. The firm predicted that cloud computing revenues would grow at 40.3 per cent per year from 2011 to 2016. It is fair to assume many organisations will migrate their behind-the-firewall systems to the cloud in 2014.

However, it will become clear that the search technologies provided by many cloud vendors are not robust enough for e-discovery and investigation. Being restricted to simple Boolean searches, or losing the ability to search non-text PDFs, corrupted items and even zip files, simply won’t cut it for investigative, audit, risk and legal teams.

Organisations that have moved their data to the cloud will also realise that e-discovery and investigation efforts need to be applied in the same cloud as the data. With the volume of data involved in these tasks, it is simply not practical to copy it from one data centre to another, as some cloud e-discovery and investigation providers require.

3. Close attention on cyber security

The recent ITU Telecom World Conference in Thailand showed that governments and regulators around the world are eager to boost their cyber security capabilities. In 2014, we will see some interesting cross-pollination of tools and methodologies in investigation, cyber security and e-discovery. This is necessary because growing volumes of data are making traditional methods of analysing electronic evidence impossible for investigators and digital forensics specialists.

For example, investigators may adopt e-discovery-style workflows to deal with massive volumes of data and parcel out review tasks to multiple local or remote reviewers. Cyber security experts will take advantage of the advanced searching and analytical capabilities of investigative tools to track down and remediate breaches. They may need to rely less on traditional digital forensic software, which can only analyse one data source at a time, and more on tools that can index and search multiple locations simultaneously, cross-referencing the results.

4. Data risk concerns in corporate transactions

Companies undergoing mergers and acquisitions – around 35,000 companies worldwide announced transactions during 2013 – will have to pay more attention to privacy and other risks contained in their information assets, which include large volumes of unknown unstructured data.

Acquiring and divesting companies will need to account for potential liabilities that are the result of past privacy and information security errors. Banks, investors and law firms will, by necessity, become more aware of privacy and data risks associated with corporate mergers and what they mean for the companies involved.

5. E-discovery software vendor and provider consolidation

Revenues from enterprise e-discovery software will continue to grow – Gartner predicts the market will expand from $1.4 billion in 2012 to $2.9 billion worldwide by 2017. However, the number of e-discovery software vendors will consolidate. There’s only ever one winner in software; in 2014, the shortlist will narrow to two or three, no matter what the Gartner Magic Quadrant says.

Similarly, I expect e-discovery service providers will continue to consolidate. E-discovery tasks are getting harder and there are harsher penalties for getting it wrong, so there’s strong demand and a high price for top-notch e-discovery skills. Some litigation support vendors will provide e-discovery as a managed service for clients looking to do more in-house; some clients will insource the whole process, or as much as they can.

Eddie Sheehy is CEO of Nuix.

Join the CSO newsletter!

Error: Please check your email address.

Tags e-discoveryinformation securitybig data

More about GartnerITUNSANuix

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Eddie Sheehy

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place