It wasn’t long ago when much of an organization’s daily business processes were fulfilled without the need for computers. All that computing devices provided was an ancillary support to an organization’s framework. Today, digital technology has completely upturned business processes and made them more efficient and effective, enabling us to extract greater productivity in significantly shorter durations of time.
Ravi Raman, Executive Vice President and Head of Engineering - Security Intelligence & Analytics at Paladion Networks, believes that smart devices, Internet of Things, and many other technological advancements have completely altered how businesses operate, and more importantly for this article, where they store critical data. Much of an organization’s critical data is available online or on a cloud server. While security technologies have grown so have the tactics, techniques, and procedures cyber attackers use to penetrate your defences.
Organisations spent over $450 billion globally last year to shore up cyber defences, a figure which is expected to reach $2 trillion by 2019. So, let’s take a quick look at the top cybersecurity developments you should expect to see in 2018, and the ones that you should consider implementing.
Change of guard: Increasing focus on detection rather than prevention
The industry focus is clearly moving towards real-time threat detection. 2018 will bring a larger focus on this paradigm. More money will flow into security detection through Deep Learning and Machine Learning-based threat discovery models. Detection and response will be the primary focus. The ongoing approach to threat prevention will still be valid, but the emphasis on threat detection and response will become stronger. Organizations should continue to not only do the basics right – but should quickly deploy tools that can promptly detect threats by mining through large network-based data sets.
Speed of response and containment
Faster containment of threats is the need of the hour. This means automated or machine-enabled remediation will be needed. Remediation runbooks or playbooks focused on auto or semi-auto remediation will be required. So, tools will need to focus on getting this major lacuna addressed. Tools which can interact with network endpoints to enable speedier remediation will be the flavour of 2018.
Enhancing cloud security
As cloud operations are maturing and more and more companies are moving towards the PAAS/SAAS platforms, the need for security of such infrastructure will need stronger focus in 2018. Third-party tools to configure and audit cloud security – with an environment of dynamic IPs that cloud infrastructure ordinarily throw at you – is paramount to ensuring information security. Need to define and deploy policies and controls to protect data, applications, and the associated infrastructure of cloud computing will be imperative for success. Insider attack by employees of Cloud Infrastructure Operators is also a threat that is looming. Therefore, Cloud Service providers will need to ensure that they have a robust mechanism of preventing such incidents from happening. Tools to monitor suspicious activities of employees who have access to the cloud infrastructure will enjoy an even stronger demand in 2018.
The need for Data Science and Analytics skills
Organizations are generating a large amount of data and in the new model of focusing on detection rather than prevention, there is a need to analyze these data sets to detect potential threats before they actually become an exploit. This means larger dependence on data science, statistical, and analytic skills. People with knowledge in Machine Learning, Deep Learning, Artificial Intelligence, and statistics will be in high demand. This will also translate into GPU-based analytics for faster processing of data for analytics.
From DevOps to DevSecOps:
To keep up with the ever-growing need to deliver software systems at a high pace, the model of DevOps has emerged and has been practised actively for the past year or so if not more. Building security in parallel to application development at the same speed is very critical to its overall success. So, the focus in 2018 will move from DevOps to DevSecOps. Online integration of tools to enable checking for security flaws in code as it is being developed will become the need of the hour as we get into 2018.
As the current year comes to an end, it has given us the prelude of the year to come, and when we bring cybersecurity into the picture, things are quite alarming. The only thing that can save businesses from rapidly-evolving cyberattacks is an even more sophisticated approach to countering them and keeping a keen eye on cybersecurity developments.
