Infosec 2010: Prepare for the information security revolution, says PwC

New report shows how information security threats will evolve until 2020

Organisations will need to ensure that they take a holistic approach to determining individuals' identity

Trends including the increase in web data and the number of people accessing the internet will have implications for information security in the future, says a report by PricewaterhouseCoopers (PwC), commissioned by government body the Technology Strategy Board.

Barry Jaber, assistant director of strategy at PwC, explained that the trends we’ll see in the next decade already exist today, but will gain traction as organisations rely more on electronic information.

Social networking will continue to rise in popularity, enabling people to maintain “multiple identities”, such as a different online personas for work and personal life.

However, PwC explained that multiple identities need to be managed carefully, citing an example of a senior executive at a mergers and acquisitions body who continually posted his geographic location – as if he was updating a Facebook page – via social networking site LinkedIn.

This potentially gave away too much information to competitors and criminals, said the company.

The huge increase in the amount of data available on the web is largely the result of the number of people who have internet access. This will mean more money is transacted online, which will attract cyber criminals.

Managing information security in the workplace

Additionally, the way information security is viewed in the workplace will need to evolve, according to the report. Currently, the return on investment for IT security expenditure is used to justify spending on specific security initiatives or solutions.

But organisations should recognise that a holistic approach to information security can create a competitive advantage for their business.

CIOs will need to ensure that a strong information security culture is embedded throughout every level of their organisation and governments must focus on ensuring that regulation is consistent between countries, owing to the global nature of cyber crime.

Those who continue to take a reactive approach to information security will, over time, incur rising costs, warned PwC.