2024 promises to be another robust year in the data protection industry as the pace of tehnological and regulatory change accelerates in the space. Gartner predicts that 75% of the worlds population will have their personal data covered by one or more modern privacy regulations. Other sources indicate a 14% increase in breaches while new privacy laws and frameworks (e.g AI and US state laws) will set new trends in data protection in 2024. As a result, the budget for privacy programs in large organizations have risen to over $2.5 per year on average to meet the challenge and job outlook in the sector is looking stronger than ever (read related article on job prospects in data privacy in 2024).
What are Gartners Five Trends?
Gartner identifes 5 trends including. Data localization, Privacy Enchancing Computation (PEC) Techniques, AI Governance, Centralized Privacy UX and Hybrid Everything.
With data localization they identify a trend where data privacy planning becomes more localized, taking local privacy laws more into account with respect of things like cloud storage.
With regards to PEC techniques, Gartner predicts that by 2025, 60% of large organizations will use at least one PEC technique in analytics, business intelligence and/or cloud computing. Privacy enhancing computation is a technique that ensures sensitive information is kept confidential when it is used by multiple parties to collaborate on tasks. It uses mathematical techniques that allow all parties to perform calculations on the data without explicitly sharing the information. It ensures the collaboration remains honest and that no security protocols have been breached.
With respect to AI Governance, Gartner reports that 40% of organizations have reported an AI related breach. More AI Governance techniques will come on-stream to control risky operations, particularly as AI legislation comes online (read our related article on Generative AI and what you need to know and view our Gen-AI security powerpoint training product which maybe a useful training tool for you and your environment)
Centralized Privacy UX solutions will continue to burgeon in popularity to manage privacy notices, cookies, consent management and subject rights requests (SRR) handling. Gartner predicts even greater adoption of self-service transparency portals to over 30% of organizations.
Lastly, Gartner sees more changes as a result of the Hybrid workplace environment as employers fulfill a desire for increased tracking and monitoring of their employees. Newer solutions will undoubtedly leverage AI for even more accurate (and instrusive) monitoring.
What’s IBM up to With Privacy?
IBM is heavily vested in their privacy enhancing technologies PET’s and 2024 see more adoption of AI privacy enhancing technology. They are researching Machine Unlearning (extraction of personal data from data sets) to meet GDPR right to be forgotten objectives. They are also researching how Differential Privacy can help to protect against unwanted inference on individuals’ sensitive data, and can be applied to data pipelines in concert with other PETs, such as Federated Learning and Data Privacy Risk Assessments.
What’s Microsoft Doing With Privacy in 2024?
Microsoft will see continued development of their Azure Confidential Compute (PEC) offering. From their page, they describe this service as a way to Increase data privacy and security surrounding business and consumer data by protecting data in use. It does this by enabling multiparty data analytics and machine learning that combine datasets, keeping data private among participants.
What’s Forrester Predicting?
Forrester has much to say about the perils of AI data. They forsee that there will be at least 3 data breaches caused by Generative AI generated code in 2024. They explain it as “As developers embrace AI development assistants known as TuringBots to generate code and boost productivity, the most conscientious orgs will scan that code for security flaws. Unfortunately, some overconfident dev teams will trust that AI-generated code is secure”.
Forrester also predicts that An app using ChatGPT will be fined for its handling of PII. This is on the back of task forces being setup by the EU’s EDPB and the FTC in the US. Open AI has created alot of attention in 2023 and not all of it good. Forrester like other industry analysts sees the emergence of AI powered social engineering attacks to accelerate in 2024. In response, security awareness training will swing more toward an adaptive human training approach over older static compliance training methods.
As a practitioner in the field, it’s important to stay plugged in to the threats so have a look at our ‘Privacy and Security Links to follow in 2024‘ page for ideas on privacy resources to follow in 2024.
Why not checkout our Shop for our popular security and privacy training presentations for employees downloads.
|
Leave A Comment