In 2013, high-profile data leaks led many people to question how governments and businesses across the globe gather and store citizens’ data. The year also saw no end to the growth in corporate data stores and Australian companies moving more of their data to the cloud.
Looking to the future, what will be the impact of these events in big data and information security? Here are my five forecasts for 2014.
1. Intense focus on data privacy
Companies will have to pay significantly more attention to their data privacy obligations in the face of tightening laws in Europe, Australia and the United States. One of the biggest technology news stories since last year was Edward Snowden’s NSA data leaks. Even more than the efforts of legislators, the Snowden leaks have raised public awareness of organisations handle private data, particularly in the cloud.
Organisations now face close scrutiny of the way they store and manage customers’ and employees’ personal information. Across the globe regulators, customers and the media will harshly penalise organisations that fail to protect private information.
The volume of data created, sent, stored and needing protection will also continue to grow at more than 40 per cent each year, which means it will double every two years. Around 80 per cent of that new data will be unstructured. Will the tools organisations use to manage and protect information catch up with the growing data volumes and pressures to keep it safe? This question will be foremost in the minds of CIOs and compliance and security officers in 2014.
2. Searching the cloud
The economics of managing email in the cloud are very appealing to Australian organisations. According to Frost and Sullivan research at the end of 2012, 43 per cent of Australian businesses had adopted some form of cloud computing. The firm predicted that cloud computing revenues would grow at 40.3 per cent per year from 2011 to 2016. It is fair to assume many organisations will migrate their behind-the-firewall systems to the cloud in 2014.
However, it will become clear that the search technologies provided by many cloud vendors are not robust enough for e-discovery and investigation. Being restricted to simple Boolean searches, or losing the ability to search non-text PDFs, corrupted items and even zip files, simply won’t cut it for investigative, audit, risk and legal teams.
Organisations that have moved their data to the cloud will also realise that e-discovery and investigation efforts need to be applied in the same cloud as the data. With the volume of data involved in these tasks, it is simply not practical to copy it from one data centre to another, as some cloud e-discovery and investigation providers require.
3. Close attention on cyber security
The recent ITU Telecom World Conference in Thailand showed that governments and regulators around the world are eager to boost their cyber security capabilities. In 2014, we will see some interesting cross-pollination of tools and methodologies in investigation, cyber security and e-discovery. This is necessary because growing volumes of data are making traditional methods of analysing electronic evidence impossible for investigators and digital forensics specialists.
For example, investigators may adopt e-discovery-style workflows to deal with massive volumes of data and parcel out review tasks to multiple local or remote reviewers. Cyber security experts will take advantage of the advanced searching and analytical capabilities of investigative tools to track down and remediate breaches. They may need to rely less on traditional digital forensic software, which can only analyse one data source at a time, and more on tools that can index and search multiple locations simultaneously, cross-referencing the results.
4. Data risk concerns in corporate transactions
Companies undergoing mergers and acquisitions – around 35,000 companies worldwide announced transactions during 2013 – will have to pay more attention to privacy and other risks contained in their information assets, which include large volumes of unknown unstructured data.
Acquiring and divesting companies will need to account for potential liabilities that are the result of past privacy and information security errors. Banks, investors and law firms will, by necessity, become more aware of privacy and data risks associated with corporate mergers and what they mean for the companies involved.
5. E-discovery software vendor and provider consolidation
Revenues from enterprise e-discovery software will continue to grow – Gartner predicts the market will expand from $1.4 billion in 2012 to $2.9 billion worldwide by 2017. However, the number of e-discovery software vendors will consolidate. There’s only ever one winner in software; in 2014, the shortlist will narrow to two or three, no matter what the Gartner Magic Quadrant says.
Similarly, I expect e-discovery service providers will continue to consolidate. E-discovery tasks are getting harder and there are harsher penalties for getting it wrong, so there’s strong demand and a high price for top-notch e-discovery skills. Some litigation support vendors will provide e-discovery as a managed service for clients looking to do more in-house; some clients will insource the whole process, or as much as they can.
Eddie Sheehy is CEO of Nuix.