As seen in Third Certainty

Companies and consumers are certain to plunge deeper into mobile computing in 2016, exposing themselves to a Pandora’s box of unprecedented security and privacy risks.

Meanwhile, a profound tempering force—the rise of cybersecurity insurance—will gain significant traction.

That’s the consensus of a group of security and privacy thought leaders interviewed by ThirdCertainty. Here is Lance Cottrell’s assessment of how these intensifying developments will converge in the new year:

Converging solutions

To be sure, tech security vendors are hustling to give companies innovative technical solutions. Gartner research director Lawrence Pingree calculates global spending on security hardware and software will continue growing at a robust 9 percent a year clip, topping $99.2 billion by 2018.

A good chunk of that spending will go directly toward locking down mobile computing. A lot of work is being done, for instance, to create more robust online credentials, such as fingerprint readers and other biometrics, says Lance Cottrell, chief scientist of Ntrepid Corp.’s Passages security consulting arm.

However, Cottrell notes “there’s a lot of inertia to overcome, a huge amount of infrastructure built around the common ways to do things.” It could be another 10 to 20 years before secure means of identification are in place, he says. And that won’t happen without creating other problems.

“The bad actors are not restricted to only attacking in one way—so if you make that path more difficult, they’re going to move to the next easiest thing,” Cottrell says.

This omnipresent, constantly shifting threat gives impetus to the insurance industry’s efforts to bring to market affordable cyber liability policies. Indeed, organizations globally are on track to spend $7.5 billion on cyber insurance premiums by 2020, tripling the $2.5 billion spent in 2014, according to PricewaterhouseCoopers.

As technical solutions and insurance coverage converge, company decision-makers will have more and better options to implement risk mitigation strategies to fit the mobile computing landscape.

“Companies are looking to mitigate the risks by insuring … and insurance companies are looking at how to measure security in quantitative ways,” Cottrell says, adding that this is driving a lot of new research.

Cottrell, for one, believes the insurance industry could “force companies to implement solutions that really work, rather than being compliance-based.”

Read Third Certainty’s complete article