Cyber-crime is big business. Over the last few years, cyber-criminals have been re-investing much of their ill-gotten gains into developing more sophisticated capabilities, using more advanced technologies. Despite ongoing innovation in the cyber-security industry, much of the effort remains reactive. In response, cyber-security will become more predictive in the coming year.
Intelligence is driving the predictive cyber-security posture
To maintain a solid cyber-defence, you need advanced skills in threat intelligence, virtual engineers, and, ideally, ‘hunting teams’ that can scour the Dark Web. But these skills are scarce and expensive. According to ISC, by 2020 there’s expected to be a global shortfall of 1.5 million cyber-security experts. As a result, many organisations will be looking to outsource these activities to external specialists in the year ahead.
Many of these cyber-security businesses are making great strides in advanced data analytics, but in 2017 they’ll see the wisdom in collaborating and sharing their information, rather than competing with one another for market share. This is a positive development, as collective insights will always be more powerful in the fight against cyber-crime than any individual effort.
The sensor is becoming the perimeter
2017 will also be the year that the security industry steps up to the challenge of enabling the Internet of Things (IoT) and operating technology (OT). OT environments have inherently open designs that typically lack appropriate security controls – all the effort has been focused on ensuring that devices are able to communicate effectively with one another. Given the omnipresent threat of cyber-attacks, it won’t be sufficient to apply traditional perimeter defence strategies to these environments.
What’s needed are ways to segment and secure OT and IoT environments in a more sophisticated manner, and ensure that security is embedded very close to individual configuration items. If sensors are becoming the perimeter, we’ll also need to consider how to go about gathering the data they collect and turning it into intelligence. This will enable us to become much more predictive about cyber-security. The number of distributed, connected devices that will be acting as sensors and feeding information back to security tools is going to place huge demands on the central processing power. There is therefore a need for more decentralised computing and security architectures in order to cope with the increased volume of data being generated.
We’ll also see security being built into the fabric of the network: either by activating the security features that new networking devices come with, or combining them with specialist security devices and software – or both. This will also come about through earlier collaboration between network architects and the security team. Updating security patches on thousands of networking devices is very labour intensive. That’s why software-defining those devices and automating services are potentially so beneficial.
Security is accelerating digitalisation
In 2016 we saw organisations across many industries recognising the potential of cyber-security to enable their move to become digital businesses. We will see this trend continuing in 2017. Fintech businesses have been leading the charge. As cloud-born organisations, they’re extremely asset-light. But they still need to ensure that the transactions they perform are secure. So security needs to be pushed beyond the physical perimeter into a cloud environment. The advantages of this model are significant: you don’t need to wait for security equipment to be delivered. You can simply ‘turn it on’ and start deploying it across multiple cloud platforms.
Being able to provision and deploy security into the cloud quickly is also appealing to financial institutions that are entering into mergers and acquisitions, or right- or down-sizing their operations. It allows them to quickly discontinue services to branches, or burst capacity to set up temporary operations. In the year ahead we’ll see businesses increasingly sharing their data with one another. But these won’t necessarily be long-term engagements.
One day you might be partnering with another business to take a new product to market; a few weeks later you’ll be competing. The ability to make information available to your partners quickly and securely, for short periods of time, will become critical.
Identity makes a comeback
Modern workspaces are redefining how users, their devices, and data interact. And as our workspaces change, identity is becoming more important. Millennials are a driving force behind this trend. They have very different expectations of how and from where they access their data. Identity can help solve endpoint control challenges, but not in the traditional manner. Bulky identity engines that take multiple years to deploy are being replaced by lightweight, agile identity technologies that make use of sophisticated cryptographic algorithms. Identity will evolve to include geo-location and geo-sensing and start to leverage existing technologies such as GPS that are already built into users’ devices.
Next-generation approaches to identity will need to be device independent, because they’ll need to access user information that’s been generated by multiple devices and is stored primarily in the cloud. Some exciting advances in multi-factor authentication are anticipated for the year ahead – the days of using one-time passwords to perform basic bank transactions will soon be gone. We can expect to see the emergence of very dynamic ways of authenticating identities: identity will increasingly leverage technologies like biometrics, and fraud protection will evolve to include the collection and analysis of metadata.
For example, your location, the type of information you’re trying to access, and whether the device you’re using has been previously used to perform such transactions, will all be taken into account.
Secure hybrid IT is becoming the building block for hyper-virtualised security
Many businesses are bound by strict compliance regulations as to where their data may reside, and, as a result, aren’t able to move everything to the cloud. Others simply feel more comfortable retaining their business-critical assets on-premise. So today, most organisations operate hybrid IT environments. However, there is growing acceptance in the market that the public cloud is secure, provided that the appropriate controls are put in place. We expect to see an increase in the use of virtualised technology to extend security controls into the public cloud in the year ahead.
In hybrid IT environments, technology becomes increasingly programmable and data is moving across multiple environments, so it’s important to ensure that security is built in from the start.
You need to consider how to ensure that hardware is communicating with software correctly, and that software is operating consistently across multiple different platforms and into different clouds. You also need to consider how to embed security controls in your applications and in the data that’s leaving your organisation. Maintaining a strong security posture in a hybrid IT environment is complex, and calls for skills that most businesses don’t have or can’t afford in-house.
Managed security services can ease the burden on internal resources, and organisations are increasingly seeing the value in engaging with specialist consultants and architects that can assess their environments and help them to evolve their physical networks to a software-defined model.
Rory Duncan, head of security business unit, Dimension Data UKI