Mobile World Congress 2018 has come and gone, and this year’s show was one of the best yet. There was less focus on specific models and operating systems and more on how the industry will use new technologies such as artificial intelligence (AI) and the Internet of Things (IoT) to solve customers’ problems across the full sales lifecycle. But the show was also about how we secure, manage and control these technologies, as well as how to comply with new and upcoming regulations such as the General Data Protection Regulation (GDPR). Three key highlights from this year’s show include:

Mobile maturation speeds up

Walking around the show, the emerging trends that stood out showed a general theme of maturity in the mobile market. IoT and AI technologies are expanding into new types of devices, and companies are beginning to think about how to apply these technologies to consumer problems, integrate them into everyday life and manage them successfully.

A session with chocolatier Nestlé illustrated this trend perfectly. Most people wouldn’t think of this company as being heavily involved in the mobile industry, but it is! Nestlé is heavily invested in using mobile technologies to improve the overall customer care experience. It was a huge moment to see a company like this speaking at Mobile World Congress because it means we’re finally seeing mobile technologies as an important part of how the customer lifecycle in general — not only in the mobile world.

Managing the customer experience across every touchpoint and every stage is a must in today’s marketplace, and new technologies must be integrated as they come into the market, no matter what type of company or industry you’re in.

GDPR: It’s not all about the fines

Everyone’s talking about the upcoming General Data Protection Regulation, but with that, there are a lot of misconceptions flying around. One of these is the headline-grabbing assertion that companies will be fined “up to €20 million ($28M) or 4 percent of group worldwide turnover,” whichever is greater. While this is possible, it’s also unlikely. If companies can prove that they’re making an effort to make data privacy a part of their overall company culture and are doing their best to meet GDPR compliance requirements, the ICO is unlikely to issue fines — especially in the next several years.

The session I attended, “GDPR Briefing: Cyber Security Impacts,” sponsored by Palo Alto Networks, was a good reminder of this fact, along with other GDPR best practices that went beyond mobile security and spanned all technology. The panel pointed out that the new legislation wasn’t a one-time project to be performed by your IT team; it’s an ongoing requirement across every country in the world that should be treated like any other compliance requirement. It’s not something to be afraid of, but rather to embrace.

The panel presented five steps for preparing for GDPR. These included:

- Visibility of information flow

- Tracking PII across the internal data lifecycle

- Enforcing business use cases

- Applying overall security best practices

- Preparing for quick Incident response

Another good point? Every organization should be on the path to GDPR compliance already, and if you aren’t, you should start preparing today. Though the penalties discussed are maximums, you are at risk of significant fines if not on your way to compliance.

Securing IoT devices: The Wild West of tech

IoT was a major theme of the show overall, so it’s no surprise there were plenty of sessions to attend around the topic. I attended an interesting session titled “Securing the Edge for IoT,” sponsored by Equinix, which covered how the company set up a network for customers to tie together the management of all their IoT devices. Beta product Nokia WING, in particular, was highlighted as a solution for bringing different types of enterprise networks together for easy management and to prove compliance.

According to IHS, there were about 15.4 billion connected devices in 2015. This number is expected to grow to 30.7 billion in 2020, and 75.4 billion by 2025. IoT spans many different types of devices — anything with an IP address can be an IoT device. The operating system, types of device and other elements can vastly differ. According to panel leader Ankur Bahn of Nokia, “Connectivity is the oxygen of IoT.” Connecting these devices is what makes IoT so attractive, but we can’t sacrifice manging the security of these devices for the sake of speed and efficiency. There’s currently no set security protocol for IoT devices, and they can be a significant security threat if they have personally identifiable information (PII) on them, as most do.

As the number of these devices continues to grow, the security industry must come together to determine best practices around IoT devices. Otherwise, we could be facing an entirely new wave of security threats that no one knows how to address effectively.


We expect the mobile industry to continue to mature over the next couple of years, with this year’s trends continuing to be at the forefront. We must determine how to manage and secure new types of AI and IoT devices, and never sacrifice security for the sake of “cool” new technology. In today’s age of cyberattacks, every piece of tech is at risk of being breached.

Russ Ernst is VP of Product Management at Blancco Technology Group.