It’s an understatement to say that 2022 saw a lot of change for all sectors, due to the ever-changing impact of the COVID-19 pandemic, hyperinflation, and the war in Ukraine.
Despite these challenges, Gartner estimates that global IT spending is expected to grow to more than $4 trillion dollars in 2023. Many organizations are deliberating on how to tackle the ever-rising influx of data, and assessing the ever-present reality of cyber-risks, disasters and data protection legislation.
Below tech experts discuss trends and predictions for the tech industry within data privacy, protection and disaster recovery in the upcoming year.
Hayley-Jayne Cone, VP Customer, Snowplow:
“In 2022, discussion of data protection laws has increased on a global scale, such as with the General Data Protection Regulation (GDPR). Specifically, many countries are seeking clarity on how and when data may be used so that technology companies can remain compliant. This issue has resurfaced in 2022 after Google Analyticswas found to be not in compliance with GDPR in several countries, such as Austria, France, Italy and Denmark. Many organizations find themselves looking for alternative analytics options for their tracking.
We’re also seeing more focus on data privacy in the U.S. at the state level in California, New York, Virginia, and Colorado. Many more states are considering drafting privacy laws. It’s a real struggle for businesses to navigate these new legislations, especially when new laws are being enacted at the state level rather than the national level every year. In 2023, we will see more organizations reckoning with how to effectively comply with the new data privacy regulations while continuing to provide the best possible customer experience.”
James Winebrenner, CEO, Elisity:
“As many organizations press pause on their post-pandemic growth, there will be a laser focus on shoring up operational efficiency and automating or at least streamlining security operations to make it through the downturn and be better prepared when growth resumes. We are seeing customers recognize the inefficiency and unsustainable nature of ‘firefighting mode’ for vulnerability management in their OT and unmanaged infrastructure and looking to invest in a more automated and risk-based approach to streamline.”
Stacy Hayes, Co-founder and EVP Americas, Assured Data Protection:
“DR and backup have always been the domain of the CTO and the IT teams, but a shift is happening within organizations that could see these critical functions fall under the jurisdiction of the CISO, CSO and cyber security teams. The IT stack is in a state of constant flux anyway because of hybrid cloud deployments, and the emergence of microservices and cloud native applications. The CTO departments of this world have their work cut out for them piecing all of these new elements together and adopting new DevOps strategies. So the responsibility of data management could easily be transferred to the CISO and security operations teams who are growing in influence across organizations as cyber threats continue to escalate.
The role of the CISO has developed over the last couple of years, as budgets and teams have grown to help protect company data, assets and infrastructure. At the same time many players in the backup space have repositioned as complementary providers of security solutions, which in turn has attracted the attention of CISOs. We’ve had interesting discussions with CISOs ourselves. They’re genuinely interested in managed solutions that can bridge the gap between IT and security. Consequently, they’re looking for immutable backup solutions that they can fall back on in the event of a ransomware attack or data breach.
It would make sense for them to own the DR and backup function to strengthen their defensive security posture. They could expand their role to support business continuity besides threat mitigation and prevention. Knowing they had a reliable backup in place to host company data while they track down and isolate threat actors would be reassuring to the CISO and the wider organization. Although, this policy would be specific to the needs of the business. It would depend entirely on the culture of the organization. But expect to see instances of it happening over the next 12 months.”
Andrew Eva, CTO, Americas, Assured Data Protection:
“Businesses are more reliant on the cloud than ever, however that makes them more susceptible to breaches, ransomware, and other threats, not to mention traditional outages. With nearly all businesses looking to achieve cyber resilience, many have been investing in cyber insurance. However, cyber insurance premiums have been rising for some time now and many insurers are even refusing to offer policies. The risk to insurers was too big and costly.
While SaaS companies and their partners have been emerging as a viable alternative to traditional insurance, we’re starting to see enterprises reaching out to data protection service providers to gain access to cyber insurance. We’re already seeing a shift with more customers coming to us to request audit reports or insurance questionnaires to provide validation to insurers that their backups are immutable. Businesses are looking to vendors and MSPs as trusted third parties that can guarantee their data protection and security.
Ultimately, insurance companies are trying to mitigate their risk. Businesses need to have a reliable resource in place that will throw a protective layer over their data and be able to recover their digital assets in the event of a breach or incident as an insurance guarantor. This approach will start to become more prevalent in 2023.”