#Infosec18: Regulation is Top Driver of Cybersecurity, Now & in the Future

Infosecurity has released the findings of a recent survey of senior industry professionals to determine the key trends that are currently driving cybersecurity spending and behaviors, and what factors will drive it in the next five years.

Launched today at Infosecurity Europe 2018, the State of Cybersecurity Report written by Infosecurity contributing editor Dan Raywood, revealed 46% of the 32 CISO and analyst respondents polled considered GDPR and regulations to be the main driving force behind cybersecurity at the moment. In second place was the expanding threat landscape and evolving attacks (34%) and in third was greater board level recognition of cybersecurity as a business risk (21%). Use of the cloud (21%) and selling via FUD/panic (18%) completed the top five.

“The GDPR is putting mitigation technologies such as encryption, tokenization and anything under the banner of anonymization/pseudonymization very firmly into public consciousness,” and will drive innovations in the tech and governance spaces, said consultant Neira Jones.

For Raef Meeuwisse, author of Cybersecurity for Beginners, the rapid evolution of the cyber-threat landscape was “without doubt the main driver for change” in the information security sector, with Scott Crawford, research director of the information security practice at 451 Research, adding that defenders are forced to make the best of limited resources to secure the entire attacks surface. “How they make those decisions has been a key driver in everything from risk management to the embrace of modern analytics to better recognize and respond to threats,” he explained.

With regards to greater awareness of cybersecurity as a business risk, Dr Jessica Barker, co-founder of Redacted Firm, said the issue is increasingly in front of boards “who want the [security] team to tell them what they are doing,” so that management are aware of how the business is affected. However, Andy Samsonoff, CEO of invinsec, warned that “IT security is still seen as a niche or largely technical activity,” arguing that businesses that take this approach put themselves at greater risk of security and data breaches.

Looking to future and the factors that will drive cybersecurity over the next five years, GDPR and regulations still came out on top (34% of respondents), with greater use of cloud platforms (34%), adoption of AI and automation technologies (28%) and increased creativity of attacks (28%) also proving popular.

To conclude, respondents were asked if they thought the cybersecurity industry was in a good place. Of the pros surveyed, 27 answered with 20 undecided on a ‘yes and no’ viewpoint, four answered positively and three said it was not in a good place.

Dan Raywood, contributing editor, Infosecurity, will be presenting an overview of the research findings on Thursday June 7 at 12.45 pm in the Talking Tactics theatre at Infosecurity Europe.

You can download and read the report in full here

What’s Hot on Infosecurity Magazine?