IDC Outlines Top Security Challenges for 2019 at RSA Conference

RSA Conference 2019: Increasing complexity of multicloud environments and security technologies are creating challenges for many organizations, according to IDC.

IDC breakfast 2019

SAN FRANCISCO—There is no shortage of challenges that organizations going through digital transformation face.

At analyst firm IDC's annual breakfast meeting at the RSA Conference here, analysts outlined the big challenges they see firms facing in 2019. IDC analysts also detailed why cloud and hyperconnectivity could well be contributing to more complexity and risk.

"We estimate that by 2020 more bytes will be stored in the public cloud than in all consumer devices in the whole world," IDC analyst Dave Reinsel said. "By 2022, there will be more bytes stored in the cloud than in enterprise systems around the world, and that increases complexity because you have to safeguard all that data."

According Rob Westerveld, research director of Security Products at IDC, there are three key challenges that IDC's surveys have identified as being the core issues for data security:

  1. Increasing attack sophistication. Westerveld said that it's a fair bet that since enterprises are investing in advanced analytics, so too are cyber-criminals.
  2. Increasing security risks associates with cloud adoption. Enterprises surveyed by IDC said that a key issue is integrating the security features available in cloud providers with security capabilities that the organization has already deployed. 
  3. Increasing complexity of security solutions. Not only are organizations have having trouble with cloud, there is also additional complexity coming from security technologies that is making it difficult for many organizations to do proper policy enforcement.

The Data Security Predicament

The core challenges that organizations are facing for data security have created what Westerveld referred to as the data security predicament. The issue is that across the multicloud deployment environment there are often inconsistent, poorly managed policy enforcement mechanisms. He added that often policy enforcement controls that enterprises are using were built for on-premises deployments and are now being extended, which has created issues. Those issues have led to organizations changing technologies in many cases.

According to IDC, 61 percent of surveyed organizations reported that they changed their data security or policy technologies one or more times due to the cloud. Among the challenges that led to the shifting technology uses are cloud platform gaps and disjointed functionality, regulatory compliance issues and data quality concerns.

Westerveld said what needs to happen across the industry is better interoperability to bridge data security silos. He suggested that what is also required are automated controls that are added whenever data is downloaded or shared. Overall, having shared telemetry across different technologies is imperative to prevent a disjointed approach and to help reduce data complexity.

During the Q&A session at the end of the meeting, IDC analysts were asked about their views on why there are few, if any, genuinely new and unique products being announced at the RSA Conference this year.  Frank Dickson, research vice president of Security Products at IDC, commented that it's important to remember that the Target data breach wasn't that long ago and there has been a lot of innovation in the years since then overall. 

"We not seeing any new big and bold solutions, but technologies are getting increasingly sophisticated," Dickson said. "We don't necessarily need something that is brand new; we just need stuff that's better."

Sean Michael Kerner is a senior editor at eWEEK and Follow him on Twitter @TechJournalist.

Sean Michael Kerner

Sean Michael Kerner

Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.