What to expect for 2019?


What to expect for 2019?


In accordance with a study[1] performed by Gartner consultants, expenses with products and services associated with information security will reach $124 billion in 2019, a growth of 8.7% in comparison with 2018. This estimate reflects the challenges, without precedent, involving cyber security and data protection faced by companies (of all sizes, it is important to mention).

Digital threats develop at the same pace as technology progresses. We are not talking about a distant reality here, but rather about what is happening around us on a daily basis: technologies that are becoming more and more usual in a digital society, including facial recognition, the Internet of things, Internet 5G, drones, big data, artificial intelligence, DNA mapping, self-driving vehicles, smartphones, smart watches.

All technologies above are changing the limits and expectations of privacy, posing new challenges to civil society, the government, regulatory agencies, companies and organizations. If 2018 brought to light so many incidents, it made the reality of facts quite clear, that is, action and caution must be exercised to protect our data, no matter if we are in the capacity of data subjects, operators or controllers. 

Information security is a key factor to transform the digital society. And, in view of what had been studied so far, some behaviors may be crucial in corporate environments to prevent problems in the future, such as compliance with data protection regulations, local and international, risk analysis involving digital businesses and protection of intellectual property in online environments. To adopt a conduct compliant with applicable laws and regulations is the first step towards mitigation of so many risks.

And what about the year that is just beginning, what can we expect? Well, the first weeks of 2019 already combined two huge events. On January 17, a digital security researcher found a database with approximately 773 million unique e-mails and 21 million unique passwords[2], in one of the largest data breaches of the history. On January 21, the French data protection authority, CNIL, ordered Google to pay a 50 million Euro fine for lack of transparency and informed consent regarding its advertisements, as well as improper information.

Hence, it is clear that companies dealing with data are subject to security incidents. And, here, we include them all: giant technology companies and small neighborhood ventures. The cost associated with these incidents is high: identification of the problem, notice to users, regulatory fines, loss of reputation and business. 

These considerations lead us to conclude that a preventive conduct is the best strategy. Get to know your business, what sort of data is collected and how it is treated. Look carefully to the tools you use and, if necessary, seek an expert.