Smartsheet's security predictions for the upcoming year
The predictions:
1. Transitioning from digital to work transformation will become a top priority for IT departments
In today's business climate, organisations are under pressure to adapt to market changes faster than ever before - take the recent wave of generative AI tools and applications as an example. And businesses that can transform quickly when they spot a market change or opportunity have a notable competitive edge.
CIOs and IT departments can support their organisation's digital transformation plans by giving their employees access to the tools that will enable them to work better.
These days, that often means giving your employees the freedom to experiment with new technology. When users look for new ways to get work done, the solutions they find can be the seeds of innovation and the key to unleashing productivity and efficiency. This is where digital transformation becomes work transformation.
Balancing innovation with IT control remains necessary, but striking the right balance will allow employees to harness new digital processes that create agility efficiency, and ultimately drive innovation—all while ensuring ongoing security. Once employees are empowered to transform how they work, bigger business transformations can occur.
2. There will be a renewed focus on zero-trust models
In today's hybrid work environment, people rely on more devices, apps, and services than ever, many of them hosted in the cloud on systems that are physically outside the control of corporate IT.
This new landscape requires a zero-trust model. This model is exactly what's on the label: nothing is inherently trusted. Instead of trusting anyone inside a perimeter, it authenticates before granting access to data. Everything – systems, connections, communications – is authenticated and validated.
In the coming year, we'll likely see organisations add extra layers to their models. For example, some organisations might add role-based security, allowing them to define roles for different types of users and manage their access accordingly. This will enable them to protect sensitive information while reducing the barriers to access for authorised individuals. organisations may also add time-based access, allowing them to manage users' access to information based on the length of the project they're working on.
Additionally, Generative AI has huge potential to strengthen data security and add an extra layer of protection. Nobody can manually monitor all the data flowing through their business; intelligent systems need to take on that burden. Machine learning can grow to "understand" what's normal and flag anything that isn't.
3. Security partnerships will become even more important
In the era of cloud and AI, much of a company's IT infrastructure is no longer internal and on-premises. As a result, security has become an increasingly complicated dance. You must rely on multiple partners to keep your data and employees secure, so you need to ensure you're choosing partners you can trust.
Some specific security aspects will always be your responsibility if you're a consumer of cloud technology, such as vetting to whom you give licenses, their assigned roles, and compliance with organisational policies. You also have to decide what data to store on the platform and who can access it. But beyond specific areas of responsibility such as these, you're depending on your vendors to secure your data, keep services up and running, and help you achieve your business and technology goals.
This has become especially important with the rise of generative AI tools – you need partners who will be responsible with your data when innovating with and incorporating AI capabilities into their products. And partners are actively working with this technology: IBM found that 93% of surveyed IT executives reported already using or considering the use of AI for security operations.
Carefully evaluating providers and partners and making decisions based on trust is essential. We need solutions and solution providers to work together to help us ensure security for our systems, organisations, and data.