Corporations, academic and scientific institutions, healthcare organizations, and government agencies work with extremely high stakes if data is susceptible to disruption or exposure. As we—as individuals and entities—continue to integrate our virtual worlds with the physical one, vulnerability increases as convenience does. According to IBM’s 2020 Cost of a Data Breach Report, a data breach costs an organization an average of $3.86 million. In the United States, the average cost is more than double the global average at $8.64 million.
In 2020, many factors are combining to accelerate the need for innovative data security solutions. Healthcare facilities, overwhelmed by COVID-19, are finding themselves increasingly threatened by cyberattacks and ransomware attacks. The global pandemic has also vastly increased the number of employees working from home. These remote workforces rely on the cloud to access information essential to their jobs. This cloud-based information, especially in situations where the cloud was hastily implemented as a reaction to social distancing measures, is more susceptible to cyberattacks.
Customers expect personalized experiences on- and offline, which require data. For example, “fast fashion” retailer H&M stocks stores based on purchases, returns, and other aggregate behavioral information. At the same time, data protection solutions are shaped by privacy concerns and resulting regulations. Europe’s General Data Protection Regulation (GDPR) is driving significant growth in the region’s Data Protection-as-a-Service (DPaaS) market. The market, currently valued at $1.51 billion, is “expected to reach USD 3.81 billion by 2025.”
3 Innovative Data Security Solutions
Analysts, systems engineers, software designers, and others are reviewing past data security errors while predicting and preventing future problems. These innovators are finding solutions to security threats, data breaches, unauthorized information sharing, and data misuse. Their new algorithms and novel mechanisms are at the front line, working against hackers and data abusers.
These are three examples of innovative approaches to data security technologies.
1. NYPA and Siemens Energy AG’s Center of Excellence
The New York Power Authority (NYPA) and Siemens Energy AG announced a partnership aimed at addressing power grid hacks. The research lab, dubbed a “Center of Excellence,” will work with the goal of strengthening the grid, which is especially vulnerable due to its tendency to use merged IT/OT systems. Other industries, including manufacturing, facing the same challenges are also proposing innovative solutions.
2. Homomorphic Encryption
Homomorphic encryption, which allows users to work with encrypted data (rather than decrypted, and therefore vulnerable, data), is a focus of innovation. The technology is referenced in a July 2020 publication found with a concept search in IP.com’s Prior Art Database. The abstract of <em>Secure Computation Architecture for Client-side Encryption</em> notes, “we propose a system that allows sensitive data to be encrypted on a field device, processed in the cloud, and shared with generic user devices instead of only on the original field device.”
This technology was also a topic of conversation at the 2020 State of Innovation in Cybersecurity.
3. Adapting to Quantum Computing
The adoption of quantum computing will “deliver huge leaps forward in processing power,” according to the MIT Technology Review. However, today’s data protection solutions aren’t designed for quantum computing. As noted at the 2020 State of Innovation in Cybersecurity, “Once quantum is ubiquitous, older encryption standards will in many cases become obsolete.”
One solution to this data security challenge was recently published in the Internet Society Requests For Comment (RFCs). The authors state, “It is anticipated that [Internet Key Exchange Protocol Version 2 (IKEv2)] will be extended to support quantum-secure key exchange algorithms; however, that is not likely to happen in the near term. To address this problem before then, this document describes an extension of IKEv2 to allow it to be resistant to a quantum computer by using preshared keys.”