Information Technology research and advisory company, Gartner, presented its top predictions for the cybersecurity industry for 2017 earlier this year. With the number of data breaches and cybersecurity attacks growing every year, it’s becoming increasingly important for businesses of any size to think seriously about their digital security policies and plans.
Going forward, we can expect the trend of ransomware attacks to continue, along with more malware designed to attack smartphones and mobile devices, a growing number of Internet of Things devices (all with their own security concerns), and increasingly sophisticated cyber-attacks.
So how must the cybersecurity industry adapt and grow in order to defend against this onslaught? It’s clear that more funds and resources must be dedicated to cybersecurity, with cybersecurity spending expected to hit $170 billion by 2020. But defense against cyber criminals is not just about increasing spending. The entire cybersecurity strategy for any organization must be reviewed and updated regularly in order to keep up with new risks and technologies.
1. Balancing Business Risk with Resilience of Systems and Data
As the scope and complexity of available technology continues to grow and expand at an ever-increasing rate, it is important for companies to keep up with the new opportunities that these technological advances bring, even if they come with additional security risks.
Those who fail to adopt new technologies due to security concerns may well be left behind.
Rather than adopting a policy of avoiding risk altogether, it is more realistic for modern companies to build resilient systems that can resist and recover quickly from attacks.
It’s also necessary for businesses to balance data privacy and security against trust and transparency, potentially investing more into security training and monitoring than attempting to avoid security threats.
As cyber attacks become increasingly complex and difficult to avoid, a people-centric security approach provides the best opportunity to avoid and recover quickly from attacks on data. Based on a foundation of solid security training, the people within the company can be given their own security responsibilities and a well-implemented monitoring and threat detection system can support this.
2. Previously Separate Security Policies Must Overlap and Converge
Information security, IT security, and physical security are no longer separate concepts. As the world becomes more connected and the Internet of Things brings more physical objects online, the lines between different types of security are blurring, and there is an increasing need for security officers to expand their skillset.
As an increasing amount of data is likely to be stored and accessible from the cloud, a physical security policy intended to protect paper files is no longer appropriate or sufficient.
Likewise, physical security systems such as cameras and alarms now often rely on the IT systems behind them.
The methods of security also need to evolve from being defensive and reactive to being proactive and anticipating security threats before they occur.
In this changing security landscape, it is vital that security staff are educated on their changing roles and responsibilities and it may also be necessary to develop new roles for security specialists and consultants.
3. Increased Complexity and Need for Securing The Digital Supply Chain
The growing popularity of SaaS applications may seem to simplify IT for an organization in terms of reducing the need to install and upgrade software and managing hardware and data storage needs.
However, the security requirements of managing so many different and overlapping applications, in terms of privacy, compliance, access control, service monitoring, and threat control, become increasingly complex as more software is added to the system.
This has led to the development of multicloud, multifunction management consoles, which are expected to become more powerful and adopted by many more organizations in the coming years.
An overarching cloud security policy is essential, as well as cloud security software that can be used to monitor activity across the growing number of cloud applications and anticipate and block threats.
4. Adoption of Adaptive Security Architecture
It’s no longer sufficient to install a firewall and the latest antivirus software and hope for the best.
It’s impossible to stay ahead of hackers and cyber criminals all the time. A more realistic and effective approach for modern times is to adopt security systems that continuously monitor and respond to threats, rather than the difficult task of avoiding any data breaches completely.
Such a system should include:
- Risk assessment
- Anticipation of attacks via threat intelligence
- Attack prevention through hardening of IT systems
- Incident detection
- Threat prioritization
- Incident isolation
- Threat recovery
- Post-incident report and adjustment of security policy accordingly.
Going forward, less of the company security budget should be spent on prevention and more should be invested in sophisticated intelligent threat prediction and detection, which can terminate and isolate attacks as soon as they occur.
5. Security Application Testing Must Be Embedded Into the Software Lifecycle
It’s no longer sufficient to conduct security testing only once at the time a new software program is deployed. The number of applications and code libraries used by an organization is growing all the time and the older this code becomes, the more vulnerable it is to malicious attack.
Applications no longer all come from an in-house IT department. Sources of software now include outsourced applications, Shadow IT (applications installed without the approval of the IT department), internet applications, cloud applications and mobile applications. It is not always realistic, and can be limiting, to ban all 3rd-party software from your organization, but it’s also vital not to rely on the built-in security of these 3rd-party applications.
It is important for all software to be continuously tested for security holes and vulnerabilities, with regular testing embedded into the lifecycle of the software.
6. Data Security Policies and Governance Must Be Implemented By Organizations
The amount of data stored and used by a single organization grows exponentially over time. It is vital to implement a data-centric security approach that includes data classification and security, secure monitoring and auditing of user activity, and protection via reports, analysis, encryption and blocking access if necessary.
Big data is the accepted term for data sets that are so large that traditional processing applications for storage, transfer, search, and analysis are no longer adequate to deal with them.
As more companies need to deal with big data every year, it’s important for them to embrace cloud technology in order to deal with this data, and develop a strategy for managing and maintaining security in the cloud.
7. Digital Business Will Drive Digital Security
Businesses are becoming ever more high tech and connected and as their needs and demands grow, so too will the digital security industry in order to meet these needs.
The security needs of digital businesses include more sophisticated security policies and management, advanced monitoring, detection and auto-response systems, and more secure access control.
The challenge is providing all these things in an environment that is huge and growing and has diverse needs.
As the Internet of Things moves out of science fiction and into reality, the security needs of businesses and individuals will continue to grow.
8. A Major Attack is Imminent
As hackers continue to gain ground in the battle between big business and cyber criminals, the chairman of the National Cyber Management Centre in the UK, Prof Richard Benham, predicts a successful attack against a major bank. This is likely to have serious consequences in terms of consumer confidence and all online transactions going forward.
A major attack already took place in November 2016, when £2.5 million was stolen from Tesco Bank customers, and with the Internet of Things continuing to grow, the opportunities for hackers to find a weakness increase.
9. Cloud-Based Services Will Be Under Attack
As more data is migrated to the cloud, the potential rewards for hackers increase. There is likely to be an attack on a major cloud provider, which could affect all of their customers, possibly including large businesses.
We already know that ransomware has started to infiltrate the cloud. In fact, hackers can use the fundamentals behind the working of the cloud as a way to spread ransomware more quickly. Large data centers are an attractive target for hackers using ransomware as they hold the most sensitive information, which can be very lucrative when the owner is forced to pay to recover the data.
Now is the time to ensure a robust disaster recovery and backup plan for any individual or business using the cloud.
10. An Increase in Hacking for Political Objectives
While hacking will continue to be inspired by financial motives, there will be an increase in attacks carried out with authorization from certain countries’ political figures and the new threat of ‘cyber terrorism’.
In 2017 we may possibly see the first cyber attack that is considered an act of war, which may include physical disruption to infrastructure such as power grids as more cities around the world move their systems online.
11. Increased Risks for Users of Apple Hardware
Until fairly recently, users of Apple hardware and software considered themselves to be immune from viruses as there were so few malicious applications around targeting these devices.
Now, as the use of iPhones and iPads has dramatically increased their market share among devices accessing the internet, attackers are more likely to target weaknesses in iOS, and iOS may eventually overtake Microsoft in terms of vulnerabilities as security continues to improve on Microsoft operating systems.