Rubrik CISO Rinki Sethi’s outlook on upcoming trends in privacy and security culture, automation, and culture – trends set to impact the near future of the enterprise.
A cybersecurity veteran that has built and grown technical security teams at Fortune 500 companies (IBM, Palo Alto Networks, Intuit, others), Rinki knows how to successfully implement internal cybersecurity strategies and can be a great source for you. Now at Rubrik, the Multi-Cloud Data Control company, Rinki has unique thoughts on the industry.
Security, Culture, Compliance, and Privacy will come together:
Most businesses compartmentalize security and privacy responsibilities into specific, separate organizations in the hopes of streamlining operations. For example, when a company develops a GDPR-related security initiative, the work will run through the privacy or compliance organization that generally report into a legal team. This organizational structure may have worked well in the past, but now with all the overlap between security, privacy, and compliance it is important that these functions are brought closer together both in organizational structure and in how they collaborate – instead of reinforcing traditional silos that businesses are hard to break down. In 2020, we’ll see businesses start to rethink how they are organized around security, privacy and customer trust, enabling teams to work through industry challenges with a more holistic approach, giving rise to one larger organization such as a Data Trust Office.
Automation will become a core investment to retain top security talent.
Much has been made of automation taking jobs, but in reality the opposite will happen – automation will be the key to retaining top talent. A major reason people leave their jobs is a lack of meaningful work, and businesses are increasingly turning to automation and other tactics to eliminate monotonous work that high potential employees would not find challenging. Rather than hiring talent in an already extremely competitive space to handle tedious tasks, a strategy in which employees are encouraged to automate repetitive tasks – will not just retain existing talent but will also attract new talent.
Also, as automation replaces mundane work, employees will have the time to learn new skills and find opportunities to focus time on what gives them a sense of purpose. As businesses seek to drive employee satisfaction, they’ll also find that hiring talent from non-traditional security backgrounds will bring much needed thought diversity in the security industry to solve the toughest challenges ahead of us.
Developing a security culture will no longer be just a compliance check-the-box activity:
Driving security trainings with a two-hour, check-the-box training is ineffective and a complete waste of resources. In fact, it might even create a false sense of security for trainees if it doesn’t provide tools that employees can use to strengthen security practices. In 2020, companies will be more strategic in how they use their employees’ time when building security culture and awareness. More specifically, we will see a refocus on programs that build up better security behavior with interactive training that teaches employees how to identify bugs, hack their own work, avoid phishing scams, and more. The stakes for security will always be sky high, and these types of trainings are key to solving a problem that has yet to be truly solved: ensuring every employee is armed with security best practices that they can and do leverage in day-to-day work.