Organisations will need to take a more proactive approach to information security or suffer the consequences.
This is one of the main conclusions of the report based on research by PricewaterhouseCoopers (PwC) into the likely information security trends until 2020.
"We see a lot of change coming in the next 10 years which will require all organisations to take a more proactive approach," said Andrew Tyrer, leader, network security innovation at the UK Technology Strategy Board, which commissioned the work.
The research report is intended to help shape the Technology Strategy Board's investment in support of innovation as well as drive innovation across UK industry, including information security suppliers and consumers, he said.
"We want the findings to help UK organisations create wealth as well as make the UK a safer place to do business," Tyrer said.
The research, released at the Infosecurity show in London, highlights seven key trends impacting information security to 2020.
Mobile Infrastructures, an explosion in data and an increasingly connected world, top the list.
"It shows change is coming in the fundamental building blocks of communication technology, said Barry Jaber, assistant director, strategy at PwC.
With the number of connected devices worldwide expected to increase from 1.7 billion to 5 billion by 2020, the number of threats to information security is likely to grow, he said.
The proliferation of mobile computing devices with different operating systems will create more opportunities for cybercriminals, said Jaber.
But, he said, information security should and could also be an enabler, especially to emerging technologies such as cloud computing, where many organisations are seeking assurances.
Other trends that will require more proactive approaches to information security include the increasing number of financial transactions online, increasing business use of social networking, and a decrease in face-to-face interactions in business.
Cash transactions will decline from 33% to 29% by 2013 and digital identity will emerge as one of the biggest challenges, said Jaber.
New technologies, he said, could make it easier for criminals to impersonate individuals and organisations.
Again this presents an opportunity for suppliers to step forward to provide new ways of humans to establish trust in an increasingly online world.
The research has shown that the traditional view of information security as risk mitigation will not be enough in the coming years, said Jaber.
Instead organisations will need to recognise the importance of a broader approach that can provide differentiation and competitive advantage. For organisations that do not adapt, the cost of inaction will increase over time through things such as loss of market share and increased supplier costs, he said.