The end of the year is approaching and it is time to make a review about everything that happened this year. The business security industry has brought a lot of buzz this year and it’s important to look at what has changed over the last few months so we can be prepared to receive 2019! In today’s article, we cover everything that has changed throughout the year in the security industry.
The year 2018 was marked by the entry into force of the new general data protection regulation in the European Union. In May, this legislation has become mandatory for all companies in the European Union and for all those which are located outside the European area and are engaged in transactions with European companies. The new law has brought new rules and new penalties for offenders. After half a year of its entry into force, many companies admit that they are not prepared to comply with all the requirements of this regulation. In Portugal, the first case of penalty occurred in the Hospital of Barreiro. The National Data Protection Commission (CNPD) imposed fines of 400 thousand euros to the Hospital of Barreiro, due to data protection failures. Unauthorized technicians and doctors were able to access patient data and there were several authentication failures. The fine was known after an inspection carried out in June. This first case of non-compliance with the law and its punishment is proof that the new law actually exists and that the CNPD is active and working on the detection of breaches of this regulation aimed at protecting the personal data of citizens.
With each passing day, companies generate more and more data. With this growing wave of data, security threats are happening in greater numbers. One of the main trends this year was advanced information analysis. These data analysis tools help organizations analyze data more consciously and objectively, and there is greater control over IT infrastructures and data source.
The business security market is evolving into a new paradigm. IT solution providers are moving towards solutions that address the “pains” of each customer and are adopting the “every case is a case” maxim. This factor has a very important weight for improving the security of companies, since now the solutions are not watertight, but adaptable to the reality of each client, the size and complexity of the IT infrastructure and also the available budget. This more personalized approach to business security provides flexible solutions tailored to the true needs of each organization.
In 2017 Gartner proposed a new approach that is based on a constant process of revisions, revaluations and adjustments. This new strategy is known as CARTA (which means continuous risk assessment and continuous trust) and aims to replace the old “fit and forget” scheme. This approach requires a real-time assessment of the risks in the IT environment and has the main advantage of identifying the problems before they cause serious damage to the company.
The Internet of Things is a reality in which several objects used in everyday life are connected to the Internet. Nowadays, more and more objects are connected to the Web. At the beginning of this digital age, it was only possible to connect smartphones and tablets, and yet in recent years we have witnessed a revolution in this area and it is now possible to connect game consoles, televisions and surveillance cameras to the network. In a very simplified way, Internet of Things aims to connect any device to the Internet. According to Gartner, in 2020 there will be more than 26 billion devices connected to the network. At home, this concept aims to make life easier for people, but its application will also have an impact on the business world. Companies need to ensure that information shared between devices connected to the network remains secure and with so many devices connected simultaneously, the need for security is even greater than before. Companies will thus need to find professionals capable of securing this security, which will result in more effective management and greater protection of all information. The end result will be a more conscious company about the need to protect your information.