- Trump taps Sriram Krishnan for AI advisor role amid strategic shift in tech policy
- 5 network automation startups to watch
- 4 Security Controls Keeping Up with the Evolution of IT Environments
- ICO Warns of Festive Mobile Phone Privacy Snafu
- La colaboración entre Seguridad y FinOps puede generar beneficios ocultos en la nube
Privacy Enhancing Technology Is Crucial for Cybersecurity When Hybrid Working
Ivar Wiersma of R3 discusses the cybersecurity issues presented by the “new normal” and how these challenges can be overcome.
By Ivar Wiersma, Head of Conclave, R3
The practice of hybrid working has been one of the few positives embraced by employers and employees alike in the wake of the pandemic. The ability for employees to work from the office but also from home when needed has allowed for flexibility in most sectors and a general increase in wellbeing.
However, while this new model has fostered greater flexibility, we must also be wary of the issues surrounding privacy and data sharing that it has uncovered, which have the potential to stifle innovation and slow post-pandemic growth.
New normal, new problems
The “new normal” poses several new challenges for cyber security since many businesses have found ways to operate virtually.
Although stay at home restrictions have eased, many companies still allow their employees to work remotely. This has increased the demands and requirements on data storage on the cloud, data security and privacy concerns. With remote working becoming a new norm, online data sharing has become the main mode of working.
At its core, the main challenge that we face today is the inability to technologically enforce what and how third parties are using the data once it is made available in the public domain.
Allowing employees to work from home heightens the need to ensure that the data shared is kept secure, confidential and tamper proof.
To prevent any tampering of confidential data, many businesses simply do not share their confidential data with partners. This is a key challenge for businesses in the post-pandemic world.
In Q1 of 2020, when widespread “work from home” schemes were first implemented, there was a 17% increase in the number of data breaches. This further underlines the importance of ensuring the security of user data for many businesses today.
Catering to growing demand
Information sharing offers great opportunities for companies to build more efficient and resilient business models. However, many businesses are still hesitant to share their data as the space remains difficult to control once the data is made available.
With 75% of the world’s population projected to have their personal data online by 2023, user data security will not only become a responsibility of businesses but a priority for those companies who wish to thrive post-pandemic.
To cater to this online transition, businesses have ramped up their partnerships to collaborate digitally in a distributed environment.
However, this digital world brings with it a host of security risks. Some common causes of cyber breaches include using applications that are riddled with vulnerabilities which threaten the integrity and security of classified information owned by enterprises.
To prevent such threats, it is in the firm’s best interest to adopt programs that protect their classified data while it is at rest, in motion and in use. To do so, it is important that firms deploy a security-by-design approach, whereby applications and services are designed to protect privacy first.
Potential solutions to these issues
One possible solution for companies who wish to enhance the security of their complex enterprise structure could be to adopt confidential computing.
This privacy preserving technology encrypts data while it is still in its processing stage, enabling firms to securely aggregate their datasets to solve shared business problems without revealing the raw enterprise data to anyone.
Additionally, it secures the processed and consolidated data from multiple databases as well as the insights generated from them, disallowing access from any party and minimizing the risk of data manipulation.
This new form of data processing can protect policymakers and relevant stakeholders from data breaches, since raw data is not being distributed or made available to external parties. In fact, many enterprises are starting to realise the benefits of adopting confidential computing in today’s distributed work environment.
A report published by Everest Group, for example, forecasts that the confidential computing market could grow from US1.9 billion in 2021 to US$54 billion by 2026.
Alongside confidential computing, a “zero trust” approach could also be used to compliment the protection it provides and strengthen its impact. A ‘Zero trust’ security model requires that a transaction be verified for it to be successful to prevent any security breaches. This implies that all transactions made – even if from within the network – must be verified. Between 2020 and 2026, the market is expected to grow from US$19.6 billion to US $51.6 billion.
However, one challenge of the ‘zero trust’ architecture includes the strict requirements of a ‘zero trust’ network and its implementation. Some of these requirements include ensuring network security, infrastructure security and identity security. But we can expect this to be made easier thanks to emerging technologies that are keeping up with the demand for enhanced security.
Looking ahead
With the rise of remote work and a hybrid cloud environment, traditional networks are increasingly unable to keep up with the ever-growing security needs of firms.
If firms wish to effectively adapt to this “new normal” of hybrid working and promote growth in a post pandemic world, confidence in data sharing must improve. To effectively accomplish this, privacy-enhancing technology like confidential computing should be the answer.
About the Author
Ivar Wiersma is the head of Conclave, R3’s confidential computing platform. Before R3, Ivar started ING Wholesale Banking’s Innovation department and led the Blockchain and Advanced Analytics teams. Ivar can be reached online at “Ivar Wiersma” on LinkedIn and at our company website: https://www.r3.com