The predictions investigate emerging trends in cryptography that lie at the heart of network protection innovations.
The demand for data security solutions is at an all-time high. Never before has the world seen the large-scale deployment of these solutions across enterprises, according to Adam Cason, Vice President, Global and Strategic Alliances at Futurex.
With the evolving data security landscape, there is a critical need for solution providers to produce breakthrough innovations that meet the cybersecurity needs of clients and allow them to focus on their key business. This requires an understanding of what has changed, followed by a review of how to respond to that change.
Enterprise security player Futurex shares top data security predictions for 2023:
● Cloud adoption to increase
An organization seeking to migrate its workloads to the cloud has to find a cloud service provider that meets their cryptographic requirements and complies with data localization policy. However, not many cloud services have met these criteria. This partially explains India’s historical rate of cloud adoption, which sees larger organizations migrate slower and less often compared with smaller organizations like fintechs. This is starting to change, however. With organizations like Futurex establishing data centers in India and providing comprehensive cryptographic services through their cloud platforms, organizations of all sizes are being presented with better options for migrating to the cloud and staying compliant.
● Remote key loading (RKL): a sought-after use case
Point of sale (POS) solutions, such as those used by merchants to process customer payments, are secured with encryption keys. However, these keys must be exchanged with centralized servers on a regular basis in order to protect against cyberattacks. As a result, remote key loading (RKL) is becoming popular among organizations that develop and deploy POS solutions. RKL is powered by general-purpose HSMs that encrypt and manage keys, meaning there is likely to be more demand for these solutions.
● Fintech market growth
India is already a major hub for payment processing, but its financial technology (fintech) market is growing fast as well. There are currently thousands of fintechs operating in India, with around 100 having reached a valuation of $1 billion USD without being listed on Indian stock exchanges. As cloud solutions continue to gain traction within India, it will be easier for fintech startups to get their products to market in shorter time frames, and for established fintechs to expand their service offerings.
● General-purpose encryption demand
Many payments and communications organizations in India are familiar with general-purpose cryptography, as it is often used to issue digital signatures to authenticate messages and data. Futurex sees a rising demand for other general-purpose cryptographic use cases as well. One example is in the field of the internet of things (IoT). IoT solutions around the world are on the rise, and so are cyberattacks against IoT devices. In response, organizations are deploying digital signing operations to authenticate IoT devices and prevent network attacks. Another example is tokenization, where sensitive data is substituted for randomized strings to make it unreadable in the event of a breach. This relates to a general trend toward better database security.
● Centralized cryptographic services groups for encryption and key management
By 2023, more organizations will move towards centralized cryptographic services groups that handle all encryption and key-management needs. Currently, they split these functions across business units, geographies, or applications. A centralized cryptographic services group will lead to improved efficiency and enhanced agility, facilitating the deployment of cryptography in more areas of the organization.
● Complex infrastructure and compliant ways to secure data stored in the cloud
Post-pandemic, most companies are moving on-premise services into public, private, or hybrid clouds. This shift, however, poses new data security challenges and requires enhancement and protection of processes around services that moved to the cloud, supported by a complex infrastructure and compliance best practices. For example, document management may get changed and improved via encryption. Information stored in the databases will need to be encrypted instead of just being stored in cloud buckets. There is a need for an extra layer of protection to meet new challenges in addition to the mechanisms cloud services offer.
● Hardening of encryption to stay one step ahead of threats
Encryption is evolving. Globally, there are entities such as NIST (for general purposes) and PCI (for financial services), among others, that indicate the best way organizations need to handle information that contains sensitive data. These guidelines include a transaction, private document, invoice, or anything that involves money or information risk. With the growing information risk, the trend in encryption will be to harden as much as possible so that the hackers do not catch up with algorithms and find an easy way to decrypt what is encrypted.
● Encryption to become a must for all the markets.
Today, it is not enough to pass PCI or local government audits. With all new services moving to the cloud, encryption should move from an option to a must-have capability. The guidance applies to not only tier-1 enterprises but also every single business involved in handling information, money, data, or whatever needs to be protected.