Futurex unveiled its top enterprise data security predictions for 2023 and beyond. The predictions investigate emerging trends in cryptography that lie at the heart of network protection innovations and developing issues as more devices and infrastructure connect to the web.
“With the evolving data security landscape, there is a critical need for solution providers to produce breakthrough innovations that meet the cybersecurity needs of clients and allow them to focus on their key business. This requires an understanding of what has changed, followed by a review of how to respond to that change.” Adam Cason, Vice President, Global and Strategic Alliances of Futurex.
The top data security predictions for 2023 and beyond
Cloud adoption to increase
An organization seeking to migrate its workloads to the cloud must find a cloud service provider that meets cryptographic requirements and complies with data localization policy. However, only a few cloud services have met these criteria. This partially explains India’s historical rate of cloud adoption, which sees larger organizations migrate slower and less often compared with smaller organizations like fintech. This is starting to change, however. With organizations like Futurex establishing data centers in India and providing comprehensive cryptographic services through their cloud platforms, organizations of all sizes are being presented with better options for migrating to the cloud and staying compliant.
Remote key loading (RKL): a sought-after use case
Point of sale (POS) solutions are secured with encryption keys, such as those used by merchants to process customer payments. However, these keys must regularly be exchanged with centralized servers to protect against cyberattacks. As a result, remote key loading (RKL) is becoming popular among organizations that develop and deploy POS solutions. RKL is powered by general-purpose HSMs that encrypt and manage keys, meaning there is likely to be more demand for these solutions.
Fintech market growth
India is already a major hub for payment processing, but its financial technology (fintech) market is also growing fast. There are currently thousands of fintech operating in India, with around 100 has reached a valuation of USD 1 billion without being listed on Indian stock exchanges. As cloud solutions continue to gain traction within India, it will be easier for fintech startups to get their products to market in shorter time frames and for established fintech to expand their service offerings.
General-purpose encryption demand
Many payments and communications organizations in India are familiar with general-purpose cryptography, which is often used to issue digital signatures to authenticate messages and data. Futurex sees rising demand for other general-purpose cryptographic use cases as well. One example is in the field of the internet of things (IoT). IoT solutions worldwide are on the rise, and so are cyberattacks against IoT devices. Organizations are deploying digital signing operations to authenticate IoT devices and prevent network attacks. Another example is tokenization, where sensitive data is substituted for randomized strings to make it unreadable in case of a breach. This relates to a general trend toward better database security.
Centralized cryptographic services groups for encryption and key management
By 2023, more organizations will move towards centralized cryptographic services groups that handle all encryption and key-management needs. They split these functions across business units, geographies, or applications. A centralized cryptographic services group will lead to improved efficiency and enhanced agility, facilitating the deployment of cryptography in more areas of the organization.
Complex infrastructure and compliant ways to secure data stored in the cloud
Post-pandemic, most companies are moving on-premise services into public, private, or hybrid clouds. This shift, however, poses new data security challenges and requires enhancement and protection of processes around services that moved to the cloud, supported by a complex infrastructure and compliance best practices. For example, document management may get changed and improved via encryption. Information stored in the databases will need to be encrypted instead of just being stored in cloud buckets. There is a need for an extra layer of protection to meet new challenges in addition to the mechanisms cloud services offer.
Hardening of encryption to stay one step ahead of threats
Encryption is evolving. Globally, there are entities such as NIST (for general purposes) and PCI (for financial services), among others, that indicate the best way organizations need to handle information that contains sensitive data. These guidelines include a transaction, private document, invoice, or anything that involves money or information risk. With the growing information risk, the trend in encryption will be to harden as much as possible so that the hackers do not catch up with algorithms and find an easy way to decrypt what is encrypted.
Encryption to become a must for all markets
Today, more is needed to pass PCI or local government audits. With all new services moving to the cloud, encryption should move from an option to a must-have capability. The guidance applies to not only tier-1 enterprises but also every single business involved in handling information, money, data, or whatever needs to be protected.