The past couple of years has witnessed an unprecedented surge in data breaches. The sudden adoption and dependence on digital environments revealed vulnerabilities that organizations were not paying attention to.
2021 witnessed data breaches surged to an all-time high. A report from the Identity Theft Research Center found that by September 2021, the total number of data breaches had surpassed those of 2020 by 17 percent. Another report from Verizon, “2021 Data Breach Investigation Report” found that phishing was present in over a third of all the breaches that occurred.
This immense surge in data breaches highlighted the vulnerabilities that are still present in most of the infrastructure of enterprises. With employees predicted to work remotely in the foreseeable future, far removed from the corporate perimeters, it is expected that the numbers will only increase. Also, threat actors are advancing their methods to further penetrate the network, making it critical for organizations to strengthen their network infrastructure against the threats. To tackle these threats effectively, CISOs should seek strategies and methods that will enable them to secure their database. Here are a few data protection trends that they should watch out for and potentially adopt while heading in 2022:
2) Proving that data is protected
“Last year, organizations were asking themselves, ‘Are we protected in our data?’ Now we are seeing a huge shift towards organizations saying: ‘How can we prove that we are protected?’,”
says Sovan Bin, Founder and CEO, Odseva. He further adds, “Rather than just ticking a box that they have a backup system, organizations are now looking to optimize their RTO (recovery time objective) – or how long it takes to recover data after an issue. In 2022, more and more large organizations will start to take their RTO objective seriously, doing quarterly testing on these timings.”
“This, in turn, is helping organizations comply with the governance frameworks that they’re working within. People need to prove to their business networks that they have a backup – they can’t just assume that the cloud provides it all. They need to show that data is secure and recoverable, and how fast they can recover it,” adds Sovan Bin.
2) Anonymizing sandboxes
“Like this year, in 2022, organizations will need to protect different development environments – with everyone working from home there’s a much greater interest in who has access to data,”says Sovan Bin. “For example, within developer teams, there are people evaluating test data and making sure it’s anonymized and secure – improving the entire development process. Organizations are anonymizing their sandboxes and protecting their data development. Often, they’re finding they don’t have enough anonymized data – how do they improve that process and the efficiency of it? That question will be asked in 2022,” adds Sovan Bin.
3) Global privacy requirements require localization
As per Sovan Bin, privacy regulation will continue to go global while requiring increasing localized implementation and storage. “2021 saw the China Personal Information Protection Law (PIPL) passed at astonishing speed, cementing this trend. The extent of the requirements will become clearer as implementing regulations are introduced in 2022,” says Sovan Bin.