Predicting the Business Impact of 2013 IT Trends

Predicting the Business Impact of 2013 IT Trends
By
Ramsés Gallego

It is fair to say that the present economic climate is depressed, with little sign of a recovery as we enter into another new year. While we continue to live in ‘crisis mode’ it does not necessarily have to translate into hindrance to progression. In fact, for the opportunistic it can be the perfect springboard to rise from the ashes. Rather than skulk away and hope to ride out the storm, I advise we look for new ways to reinvent the way we do business; but just make sure we do so securely. Rather than doom and gloom, I think the next 12 months could witness the greatest transformation to the way we work for decades—and I am excited.

2013: The Year of Collaboration

The economic depression has already resulted in greater collaboration between businesses and organizations. In the next 12 months, I believe it will develop to form the basis of ‘always-on’ collaboration. The explosive combination of cloud, with increased mobility, plus advancements of social media will see many utilizing a heady mix of communication channels to remain in touch: instant messaging, email, video-chat. 2013 is the dawn of the post-PC era.

A ‘Cloudified’ World

The foundations of cloud have been sunk, and there they will remain, as companies have invested billions of dollars into it. What will change is its infusion with the fabric of operating systems—meaning increasingly more people and organizations will embrace it. Unfortunately, however, the name does now have negative connotations; so in all probability, time will see it rebranded—be it Air, Vapour or even Breeze. I predict, as most operating systems have seamless integration with the cloud, there will be the advent of the ‘Personal Cloud’ before anyone notices.

ISACA’s 2012 IT Risk/Reward Barometer shows that IT professionals remain wary of public clouds; 69 percent believe that the risk of using public clouds outweighs the benefit. Opinions of private clouds are the opposite—the majority (57 percent) believes the benefit outweighs the risk. Other findings include:

Big Data

For too long, organizations have been collecting information with the result that many are drowning in a sea of data. But that could be about to change. To reverse this trend, organizations will not only require storage, but introduce the right architecture and technology that will allow the digestion of this ‘information overload’ to analyze and convert it into actionable intelligence.

Enterprise App Stores

Combined with bring-your-own-device (BYOD), I predict companies will need to introduce their own marketplaces. These ‘app stores’ will allow the provision of the workforce and their devices. It will mean central decisions can be made dependent on who the person is, what they are doing, where they are and when they are doing it. When linked with existing identity and access management solutions, it has the potential to deliver a powerful combination.

Context-Aware Computing

Continuing on from the previous theme, and its relevance to identity management and access governance, companies will need to reevaluate their deployment of RBAC (Role-Based Access Control). I believe the time has come for the introduction of CBAC (Context-Based Access Control) or perhaps ABAC (Attribute-Based Access Control). Access to sensitive information should be permitted dependent on who someone is, combined with when, where and how they are connected.

Beyond Management: Governance

Segregation of duties is an increasingly complex issue organizations are struggling to comprehend. However, there has to be a differentiation in terms of who does what. Management (execution, tactics, running the environment) needs to be separated from governance (having the vision, evaluating, directing). ISACA’S COBIT 5 will provide a solid foundation for organizations, which is the first framework that establishes the need to separate roles.

The ‘Internet of Things’

The world is changing very fast and, while this might be true, I believe countries or even vast organizations will start to develop their own Internet and this trend will continue. One driver of this trend I believe is political but could also be to introduce protective and preventive measures—a secure Internet, or a place where safety can be assured. What is for certain is that, with more than 200 billion devices connected, the beginning of ‘The Internet of Things’ is just around the corner.

Growing Privacy Concerns

In the coming year, IT professionals will have to manage not just threats of data leakage and identity theft, but also growing consumer and employee concerns about data privacy.

The protection of private data often referred to as personally identifiable information (PII) is the responsibility of both organizations and individuals. Organizations need to ensure that PII is managed and protected throughout its life cycle by having a governance strategy and good processes in place. Individuals must think before they provide their PII to a third party; your bank is very different to an offshore gambling website. People need to be aware of the value of the information they are providing and assess if they can trust the party to whom they are giving it. Data protection involves improving people’s awareness using best-of-breed technology and deploying sound business processes.

The consumerization of IT, confidentiality of location-based information, privacy-by-design, and an increase in legislative and regulatory mandates that will drive more privacy audits are among the top 2013 trends in data privacy that ISACA anticipates will need to be addressed.

COBIT 5 helps business leaders govern privacy, evaluate the risk around privacy ensure proper security management and effectively govern sensitive information. The framework is available as a free download from www.isaca.org/cobit. For free resources that help calculate cloud ROI and help ensure security in the cloud, visit www.isaca.org/cloud.

Ramsés Gallego is International Vice President of ISACA and Security Strategist for Quest Software, now part of Dell.