It’s a new year, a new decade, and the adage ‘out with the old, in with the new’ seems pretty apt for 2020.
Firstly, it’s a new dawn for the privacy rights of consumers – at least in the state of California. Yes, the California Consumer Privacy Act (CCPA) is now in force, coming into effect in January and bringing with it a host of new privacy rules and guidelines which companies must adhere to regarding the personal data of customers. It’s widely regarded as the most ambitious piece of privacy legislation in US history, and it gives residents living in California various new rights including (but not limited to) the power to:
- Know what data is being collected about them by companies
- Know whether data is being sold to other parties, and to whom
- Refuse such sale of personal data
- Access their personal data
A particularly interesting element of the new Bill is the fact that, whilst it only protects and defends the data privacy rights of Californians, it will affect any companies that have customers based in California, regardless of where the companies themselves are located.
That means the CCPA has the potential to significantly impact not only enterprises across the US, but globally too. It is going to be fascinating to see what role the CCPA will play in the coming months and years, and how organizations cope with getting to grips with the new Bill. Our cover feature on page 12 chews the regulatory fat and outlines the major talking points, challenges and areas of importance of the CCPA.
This issue of Infosecurity also asks whether it’s time to seriously rethink and reposition dated security recruitment strategies and replace them with new, fresh and forward-thinking approaches. The latest (ISC)2 Cybersecurity Workforce Study estimates that the security skills gap has grown again, with global shortages now estimated to be more than four million professionals. Unsurprisingly, over half (51%) of the cybersecurity pros that (ISC)2 surveyed in the study said their organization is at moderate or extreme risk due to staff shortages.
Clearly, traditional recruitment strategies within security have failed, so what needs to be done to bring about real, effective change in how the industry goes about recruiting talent in the numbers that it needs? Find out on page 22 as Infosecurity explores if, and how, the security skills shortage puzzle can be solved.
Furthermore, this year could be one in which our old foe ransomware starts to target a range of newer victims in bigger, more damaging ways. We saw the trend begin in 2019 – especially during the second half of the year – with the ransomware attacks that significantly impacted a number of municipal entities, from states and cities and towns, to local schools and councils. The attacks signified a notable shift from the traditional ransomware targets of enterprises and established businesses in the private sector, to entities in the public sector who arguably possess more sensitive data, but typically have far less sophisticated security means at their disposal. This issue’s news feature on page 8 investigates just how that trend might manifest in 2020 and what it could mean for the security of data across the wider public sector.
Finally, at a time when more and more organizations are embarking on complex journeys of digital transformation to modernize their businesses, our feature on page 28 highlights the key role that security must play in ensuring enterprises are digitally-transformed safely. Companies that fail to integrate security into every step of their digital transformation journey do so at their peril.
As you can see, there’s plenty to cast your eyes over in this issue, and if that’s not enough infosec action for you, we are also just a few weeks away from RSA Conference 2020 in San Francisco, February 24 – 28.
As ever, the Infosecurity team will be at the event, and we’ll be bringing you a variety of content covering all the latest news, insight and analysis from the conference. If you are one of the tens of thousands heading there yourself, make sure you drop by booth 4139 and say hello to the team!
Finally, as we embark on a new chapter in cyber-history, I have no doubt that the next decade will bring with it various information security challenges and hurdles, and that the industry will be greatly tested as it continues its fight to keep people’s data safe. However, I do believe that the world is a more cyber-secure place than it was 10 years ago, and the great many security strides made throughout the last decade prove what is possible with the right desire, investment and hard work. Long may that continue.
I hope you enjoy the issue, and I wish you the very best for the first quarter of 2020.