| 16 January 2013
It’s the time of year again when IT security experts predict what the year will bring.
.Justin Coker, VP of EMEA Markets, Skybox Security, predicts:
Tasked with ensuring the success of business-changing IT initiatives from mobile and BYOD to virtualization and cloud services, IT security is finding that existing security controls and processes create complexity instead of reducing risks. At the same time, highly publicized breaches and new forms of attacks have raised awareness of the business impact of cyber threats to the board level. It’s time to reinvent your security approach – here are our 2013 predictions.
Next-generation vulnerability management – Today, vulnerability management is one of the security processes that organisations use to find and mitigate risks; yet, vulnerability scanning can disrupt network operations, and delivers huge numbers of found vulnerabilities without the context needed to focus mitigation activities on real priority risks. In 2013, organisations will seek out ways to correlate contextual information about network access paths and existing security controls into a next-generation vulnerability management solution that will deliver the actionable vulnerability remediation options every day that are needed to effectively prevent data breaches and cyber attacks.
Continuous security monitoring – The highly dynamic threat landscape requires enterprises to adopt continuous monitoring of their security risk posture rather than performing periodic security assessments. While we are already seeing this trend in vulnerability management (above), it also applies to areas such as firewall compliance, network access, and end point controls. The transition to continuous security monitoring enables the IT security organisation to move from reaction to threat prevention. A high degree of automation is required, leading organisations to seek out risk management tools that can keep pace with continuous changes on a daily basis without taxing the resources of the security teams.
IPS emerges as key component of risk migration strategy – After 10 years of rapid sales but slow adoption, intrusion prevention systems (IPS) will play a key role in enterprise risk mitigation strategy in 2013, as confirmed by the Skybox Security Next-Generation Firewall survey in November 2012. Whilst many organisations currently use vendor-recommended IPS settings, selectively tuning the IPS based on your specific network vulnerabilities bridges the security gap and enables organisations to reap greater benefits from next-generation firewall deployments.
Big data for security – We see a dramatic expansion of the attack surface, fueled by the growth in mobile and other endpoint devices. Security organisations are recognizing the need to take a big data approach to security assessment – collecting huge amounts of data, and applying new predictive analysis tools to identify risks and breach traces in real time. In 2013 and later years, this approach will become more methodological. Specifically, we anticipate collection and correlation of network topology data, firewalls capabilities, vulnerabilities, asset information, business context, and new threats. This contextual analysis will enable security analysts to focus on the high risk attack scenarios in a faster and more methodological way.
Emergence of the CIRO – The Chief Information Risk Officer will be the next evolution of the CISO, who can communicate to the board in the risk language they understand, rather than security jargon. CIROs will be looking to security to reduce risk whilst enabling the organisation to achieve their strategy / objectives.
Dr. Nicko van Someren – Chief Technology Officer, John Dasher – Senior Director of Product Management, Dmitri Volkmann – Vice President of Product Strategy and Planning at Good Technology, predict:
Identity and Access Management
Nicko: Mobile devices have the capability to have many more functions in everyday life. However, adoption of what has historically been 'Two-Factor Authentication' (2FA) in the mobile space is going to be very slow and very vertically specific, until the point that these forms of 2FA are ergonomically useful. Good Trust is a technology platform which allows us to leverage the hardware of a phone in new and interesting ways. A device which is more secure will allow a greater level of functionality, such as granting access to buildings or allowing mobile payments.
Line of Business funding IT
John: The importance of technology to business outcomes will change the way that it's introduced to an organisation. IT will no longer control the majority of the budget, or be in charge of enterprise IT projects. Each line of business will become even more demanding of apps that they need for specific functions. The result is that they will fund the IT projects they deem important.
John: There will be a major data leak within healthcare from a mobile device at some point in 2013. This is likely to come from a lost laptop that creates a data breach, and is even more likely to happen as people make the move from laptops to tablets. These bodies are susceptible because they have such a big and diverse workforce that is not focused on IT – their focus is on providing healthcare!
Mobile Device Management and Data Loss Prevention
Dimitri: There will be a price war in mobile device management, as it's becoming a commodity. MDM will become completely obsolete because it is impossible to achieve management and control of the content by only managing the device. Ultimately there need to be tools in place that ensure the data itself is secured, within any environment that it might be used.
Dimitri: Data loss prevention will never happen if organisations focus purely on managing devices. Network DLP will continue to be effective within the confines of the corporate network, but Apple is outpacing Moore's law, making portability even easier, and CPU power isn't a limiting factor in what data can be transported and accessed – though you can still run out of battery! The focus has to be on how the data can be accessed and implementing controls over who can see it and how it can be shared. Only when all data is housed in a safe, secure environment can data loss prevention be achieved.
John: Context in mobile will continue to grow, because the number of components able to determine circumstances on the device will increase, both from a security perspective and a collaboration standpoint.
Nicko: Contextually aware security and functionality means that if an employee's device leaves an area or is accessed outside certain hours, then they may be asked for another level of authentication. On the other side of that coin, employees and HR can be more active in defining the work/life balance.
Dimitri: 2013 is the first year that the cloud is deprioritised in comparison to mobile. The cloud is no longer new and its more pervasive, many of the people using it don't even know that they are using it. But what it does do is open up a much bigger range of applications that can be used anytime, anywhere.
John: The growth of cloud means that the internet of things (pervasive computing) is only set to continue, but the right level of security must be provided. There are billions of things connected the internet, which are growing at a steady rate and the combination of wireless and cloud makes connecting to these devices easier than ever. The challenge is securing the devices so that it doesn't put more at risk in the event of device theft or loss
|< Prev||Next >|