In a recent podcast interview with Cybercrime Magazine's Host, Charlie Osborne, Heather Engel, Managing Partner at Strategic Cyber Partners, discusses the global data storage predictions from Cybersecurity Ventures. The podcast can be listened to in its entirety below.
Q: Joining us today is Heather Engel, managing partner at Strategic Cyber Partners. Heather, welcome and thank you for joining us today.
A: Hi, Charlie. Thanks for having me.
Q: For this Data Security Podcast, I'd like to begin by introducing you properly to our listeners. Can you tell us a little bit about your background?
A: Absolutely. Well, as you mentioned, I'm the Managing Partner and Founder of Strategic Cyber Partners, and we specialize in cyber risk management as well as strategic planning when it comes to cyber for our clients. And my background is pretty varied. I started out doing very technical work, working a little bit in architectures and networking, and then have shifted into primarily information security and risk management.
Q: Thank you, Heather. So, for today's topic, we're going to be discussing a data-related prediction released by experts at Cyber Security Ventures. Total global data storage is projected to exceed 200 zettabytes by 2025, according to Cyber Security Ventures. This includes data stored on private and public IT structures on utility, instructors on private and public cloud data, centers on PCs, and on Internet of Things devices. Heather. What do you think about this statistic? Do you think we will see data storage exceed 200 zettabytes in the near future?
A: Well, I do. And I think for a lot of people, the idea of a zettabyte is too large to even comprehend. But when you think about the amount of data that's generated just by turning on your PC, everything that we do creates data. And so it makes sense that we're going to start to see data storage exceed 200 zettabytes. It's a large number, but it's going to keep growing. And, as I said, as we continue to add more devices, whether they're IoTs or PCs, we're creating data with pretty much every action that we take both online and offline while we're using technology. So, I do absolutely think that this is a legitimate prediction.
Q: And furthermore, Cyber Security Ventures predicts the total amount of data stored in the cloud will reach 100 zettabytes by 2025, or 50% of the world's data at that time, up from approximately 25% stored in the cloud in 2015.
Now, we know that one of the most valuable currencies today happens to be data. So, how could these massive storage amounts impact cybercrime trends?
A: Well, this is an interesting question, because when we talk about data, not all data is as valuable as other pieces. Not all data is protected the same way. And this is something that we teach our clients.
We have to get a good understanding, not just for our personal data, but as an organization, if your company is handling data, and even really, when we look at it as a greater trend for our society. We have to get a good understanding of what data is really the most valuable, and then what's a little bit less valuable. And so on. You know, down to where we have information that's not necessarily worth protecting. Right?
We have this when we do this type of work for our clients. And, typically, we start with three categories of data, which would be publicly held data or public data, and this would be information that's marketing information, things that you want to be out in the public. And then, we have protected or confidential data, which is information that we wouldn't necessarily want to get out. This might be our strategy. It might be information about our security infrastructure. And then the third category is what I call "regulated." So this is information that's protected by law, or there will be some sort of regulatory compliance that's required for you to secure and protect that data in a certain way. And so, just like when we do this on a smaller scale as a society, we have to start to look at yes, data is a valuable currency, but not all data is as valuable. You know. Some of it is a penny, and some of it is a dollar to speak in terms of, you know, the U.S. economy.
Q: And would that have any impact? And what would it mean for defenders in the future?
A: Yeah, I think exactly what we just talked about. It means for defenders, we have to get a really good understanding of what data is worth protecting. And where do we put our resources? Because you can't protect everything the same way. There's too much, right? We just talked about that massive scale and massive amount of data. So we really have to take a step back from the tools that we look at and actually say, "Okay, what is the data that is the most important? What is worth protecting? And where do we get the most return on our investment?"
We'll be right back after a quick word from our sponsor.
Cimcor develops innovative next-generation file integrity monitoring software. The CimTrak Integrity Suite monitors and protects a wide range of physical, network, cloud, and virtual IT assets in real-time. While providing detailed forensic information about all changes. Securing your infrastructure with CimTrak helps you get compliant and stay that way. You can find out more about Cimcor and CimTrak on the web at cimcor.com/cimtrak, that's C-I-M-C-O-R .com / C-I-M-T-R-A-K.
And now, back to the podcast.
Q: Speaking of tools, does artificial intelligence have a place in helping us protect these data repositories?
A: Oh, yeah, it absolutely does. I mean, AI right now is changing the face of cybersecurity even more rapidly than I think anyone could have predicted. And there is both this idea that we can use AI to help us with risk management, and then there's also this idea that when you're going to use AI, you have to use AI itself securely to manage the data that AI is creating, and when you're training it as a tool. So, it absolutely does have a place in helping us protect these data repositories. I said initially that a zettabyte is a number that's so large that a lot of people can't even comprehend that, and that's really where AI comes in.
Q: And do organizations need to do more now to ensure the protect the data they store and achieve compliance to modern privacy standards?
A: Well, I think that depends on the organization. You know, a lot of organizations are doing a really great job, and they may not need to do more. But there are many, many, many organizations who either don't know what they don't know, or they could use a little bit of help understanding where they get the best return on the investment for protecting their information.
Q: And if an organization feels they may need some advice in this realm, what advice would you give?
A: Yeah. Well, first, you're gonna look at the data that you have. We talked about those different categories and ways of looking at it. And you really want to take a look at the resources that you have available because this isn't easy to do. These are the kinds of things that it takes a talented team of technical people to work with you on this. And so also, remember that this is not just an IT problem, because the IT folks in your organization may not be the ones who are best equipped to tell you which data is the most critical, or which data is gonna be protected by regulations. That really comes from the business side. So, the best advice that I can give is when we're doing this, even though we're talking about IT security and data security. It really is a whole organization initiative.
Q: Heather. Thank you for joining us today.
A: Thank you for having me.
