For a long time enterprises have been primarily concerned with securing themselves against external cyber threats such as viruses and hackers. Yet some of the biggest threats of 2017 have actually been the result of insider mistakes or misuse. The recent Equifax and Anthem breaches are proof positive that employees and contractors can be just as big a security liability as outsiders.
At root is the fact that many businesses still have insufficient visibility into what changes their users are making within their IT environment. Our own 2017 IT Risks Survey of more than 600 IT Pros confirms that 66% of organizations perceive employees to be the biggest threat to system availability and security. And the fears appear to be justified. Research from Egress Software Technologies has revealed that around one quarter (24%) of UK employees admit to intentionally sharing confidential business information outside their organization, typically to competitors or new and previous employers.
Verizon’s 2017 Data Breach Investigations Report goes further, saying that employee data theft can take months or years to discover. From May 2018, GDPR will usher in a new era when data breaches will need to be reported within just 72 hours. It means organizations will be highly incentivized to adopt new strategies that make speedy discovery of cybersecurity breaches a top priority.
Looking ahead, a number of emerging IT security advances will arm organizations with the right information at the right time to help spot and mitigate potential breaches before they can occur. Here, in no particular order, are five security trends that are set to make a big impression on enterprise in 2018.
1. Security compliance will get serious
Regulators on both sides of the Atlantic are clamping down on security practices that put customer data at risk. In the U.S., NIST Special Publication 800-171, which comes into force December 31, 2017, will regulate the protection of controlled unclassified information (CUI) in non-federal information systems and organizations. Over in Europe, the much-anticipated General Data Protection Regulation (GDPR) will ensure organizations worldwide that handle information relating to European citizens fully understand what data they have, where it is stored and who is responsible for it. These, along with stricter penalties for non-compliance, will require businesses to upgrade their data privacy controls.
2. Advanced analytics will improve data security
Organizations currently use a combination of security products, from antivirus software and data loss prevention (DLP) tools to full-blown security information and event management (SIEM) software, in an attempt to reduce data breach risk. SIEM in particular generates large volumes of data, making it hard to spot information requiring immediate attention. Advanced data analytics tools will help organizations see the wood for the trees much more clearly. The growing adoption of technologies like user and entity behaviour analytics (UEBA) will enable organizations to establish stricter control over their IT infrastructures and better understand their weak points, so they can fix security holes before a data breach occurs.
3. Tailor-made security
The global cybersecurity market is evolving. Security vendors are rapidly expanding their range of solutions to allow them to solve similar pain points differently according to the customer’s infrastructure. With strong data protection practices in high demand, security vendors will start to offer a more personalized approach, taking into account factors like IT infrastructure size and complexity, industry and budget. A more customized approach to IT security will provide organizations with solutions that are uniquely tailored to their requirements. Smaller, more specialist software providers will win business against larger, less flexible vendors by providing offerings that are ideally suited to meet specific business needs.
4. Gartner’s CARTA approach will improve decision-making
In 2017, Gartner proposed a new approach to security based on a continuous process of regular review, re-assessment and adjustment. Known as CARTA (Continuous Risk and Trust Assessment), the new approach is intended to replace the old fit-it-and-forget-it mantra. We can expect this approach to become more central in 2018 as organizations take a fresh look at how they mitigate cyber risks. Real-time assessment of risk and trust in the IT environment enables companies to make better decisions regarding their security posture. A good example is to grant extended access rights to users only once previous patterns of behaviour on the network have been carefully studied to show they present minimal risk of privilege abuse.
5. Blockchain principles to be applied to data security
An emerging approach to mitigate the increasing number and sophistication of cyber threats is to harness blockchain principles to strengthen security. With blockchain technology, data is stored in a decentralized and distributed manner. Instead of residing in a single location, data is stored in an open source ledger. It renders mass data hacking or data tampering much more difficult because all participants in the blockchain network would immediately see that the ledger had been altered in some way. Blockchain has the potential to be a major leap forward for securing sensitive information, especially in highly regulated industries like finance, government, health and law.
In summary, insider mistakes and privilege misuse have repeatedly been the source of security breaches and are as much a vulnerability to organizations as outsider threats. In response, 2018 will see the introduction of a number of regulatory initiatives aimed at clamping down on inadequate security practices.
Even though every organization has its own individual security risks requiring different defence methods for mitigating insider and outsider attacks, some common technology trends are emerging. Businesses will need to adopt more continuous protection strategies, while vendors will take advantage of the latest technology advances to create more customized and better targeted solutions.
As a consequence, we should see organizations becoming more proactive about securing confidential information, especially where consumer data is concerned. Malicious insiders and hackers alike will find their work more difficult. Stealing corporate data will take much more time and effort than it did in the past, while the overall chances of being caught will also be higher.
Michael Fimin, CEO and Co-Founder of Netwrix