The digital world is changing fast, and security leaders are grappling with challenges that keep multiplying. We’re seeing a surge in both the number and sophistication of cyber threats, spurred on by geopolitical issues and cyber warfare. To tackle these rising dangers, we need a proactive and strategic approach that can spot and lessen potential attacks.
At the same time, the rules around security are tightening up. New regulations like the Cyber Resilience Act, NIS2 Directive, and the Digital Operational Resilience Act (DORA) are pushing organizations to step up their security game. But let’s be real: navigating these complex regulations isn’t easy.
We face a landscape where threats are evolving, and the regulatory environment is shifting, making solid data protection strategies more important than ever. Technologies like quantum computing add another layer of urgency. Although we’re still in the early days with quantum advancements, developments like Google’s Willow chip show us that traditional encryption methods might soon be in trouble. It’s crucial for organizations to start adopting quantum-resilient security measures to safeguard sensitive data from future risks.
We should think of data privacy and security much like we do insurance. Both are about anticipating risks and protecting ourselves before something happens. Just as insurance helps us recover from financial losses after an unforeseen event, data privacy measures shield us from breaches and cyber threats. The focus should be on prevention, ensuring that we have safeguards to lower the impact and keep control over how our data is used.
Now let’s talk about the Digital Operational Resilience Act (DORA), which just launched this month. It’s designed to strengthen the EU’s financial services sector and set a standardized way to manage technology-related risks. Cybersecurity tools have improved significantly, but so have the tactics of cyber attackers. Traditional security methods just don’t cut it anymore.
In the past, cybersecurity mainly looked at protecting data that was stored or transferred. DORA changes the game by stressing the need to secure data in use, especially when sensitive information is actively being processed, like customer data in financial systems. Current solutions aren’t foolproof, and that’s why we need to think about incorporating emerging privacy-enhancing technologies (PETs). These technologies vary in complexity, and some require a high level of technical skill to integrate into existing systems.
One standout option is Fully Homomorphic Encryption (FHE). This technology allows you to perform calculations on encrypted data without ever having to decrypt it. So even if attackers get their hands on the data, it stays encrypted and is of little use to them. Coupling FHE with other PETs, like federated learning or differential privacy, can significantly boost how we protect data in use.
But let’s be clear: using PETs alone won’t solve our problems. Security leaders need to combine different emerging technologies to bolster their defenses.
Moving forward, security leaders can better navigate the maze of new national and international regulations by taking a proactive stance on compliance and protection. They should weave advanced privacy-enhancing technologies into their security frameworks to tackle evolving threats while meeting regulatory standards. Working alongside regulators, peers, and technology partners is key to aligning with new best practices and standards.
We’re in the early days of adopting next-generation security technologies and compliance measures, but the direction is clear. As organizations operate in a more interconnected and unpredictable environment, securing data and systems has become essential. Keeping an eye on potential threats, embracing technological innovation, and encouraging collaboration will help organizations stay compliant and resilient in today’s challenging landscape.
Dr. Nick New is the CEO at Optalysys, and he has a background in Optical Pattern Recognition from Cambridge. At Optalysys, he is pushing the boundaries of silicon photonics and Fully Homomorphic Encryption.