In 2017, the IT community was primarily focused on mitigating external threats, such as cloud hacks and state-sponsored cyberattacks. However, many of this year’s data breaches, notably Equifax and Anthem, were actually the result of insider misuse or human mistakes. These breaches clearly demonstrate that building even the most robust external defense is not sufficient, since employees and contractors can pose an even bigger threat to cybersecurity than hackers do. Unfortunately, the 2017 IT Risks Survey by Netwrix discovered that many organizations still struggle to gain visibility into user activities in their IT environments, which leaves them helpless against insider breaches.
The need to keep up with growing threats forces organizations to rethink their approaches to cybersecurity and be more vigilant about what’s going on in their IT infrastructures. Here are the top five IT security trends that will define the way organizations fight cybercrime in 2018:
Insider Threat Protection Is on the Rise
Organizations are realizing that the unauthorized activities of users who have legitimate access to their systems and data can result in even more harm than sophisticated attacks from the outside. Moreover, as Verizon’s “2017 Data Breach Investigation Report” notes, employee data theft can take months or years to discover. The growing challenge of ensuring data security and integrity, as well as proving compliance with industry regulations, will make organizations shift their focus to insider threats and pay more attention to what users are doing in their critical systems.
Advanced Analytics Will Improve Data Security
Many organizations use multiple security products such as SIEMs, antivirus software and data loss prevention (DLP) tools. However, these solutions generate large volumes of data, which makes it difficult to spot the critical information that requires immediate attention. To gain a complete understanding of what is happening across their IT environments, organizations need advanced analytics tools that can process data from multiple sources and provide visibility into activities that could pose a threat to sensitive data. The growing adoption of technologies such as user and entity behavior analytics (UEBA) will enable organizations to establish stricter control over their IT infrastructures and better understand their weak points, so they can fix security holes before a data breach occurs.
Vendors Will Create Solutions Tailored to Different Security Needs
The global cybersecurity market is evolving, and the number of solutions that address similar pain points differently is growing rapidly. Since the need for strong data protection practices is extremely high, vendors are expected to offer a more personalized approach to solving customers’ problems, taking into account factors such as IT infrastructure size and complexity, industry and budget. The resulting customized approach to IT security will empower organizations to implement solutions tailored to their unique requirements, while small software providers focused on one particular area will get a chance to compete with larger but less flexible vendors by providing offerings that are more suitable for specific businesses.
CARTA Will Improve Decision-Making
In 2017, Gartner proposed a Continuous Risk and Trust Assessment Approach (CARTA), which is based on the recognition that security is a continuous process of regular review, re-assessment and adjustment, rather than a set-it-and-forget-it thing. In 2018, this approach has the potential to become a core strategy for organizations, defining how they evaluate and mitigate cyber-risks. The real-time assessment of risk and trust in the IT environment enables companies to make better decisions regarding their security posture; the most common use case is granting additional access rights to users only after carefully studying the history of their actions in order to avoid privilege abuse.
Blockchain Will Be Used for IT Security
One innovative approach to addressing the increasing number and sophistication of cyberthreats is to use blockchain principles to strengthen security. Blockchain technology enables data to be stored in a decentralized and distributed manner, which means that instead of residing in one location, data is stored as an open source ledger. This prevents mass data hacking and enables organizations to prevent data tampering, since participants in the blockchain network would immediately spot any change in the ledger. Blockchain stands as a major technological leap in the security of sensitive information and might become a major security technology, especially for highly regulated industries such as finance and law.
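The tamper-detection property described above can be seen in a small hash-chained ledger replicated across participants. This is an added example, not code from the article or from any blockchain product; the node names, record fields and majority-head comparison are assumptions, and real networks add signatures and a consensus protocol. It shows that an in-place edit breaks the chain's own hashes, while a forger who re-hashes the whole chain is caught only because other participants hold copies.

```python
import hashlib
import json
from collections import Counter

GENESIS = "0" * 64  # constructed anchor value for the first entry's back-link

def entry_hash(prev_hash, record):
    payload = json.dumps({"prev": prev_hash, "record": record}, sort_keys=True)
    return hashlib.sha256(payload.encode()).hexdigest()

def append(ledger, record):
    prev = ledger[-1]["hash"] if ledger else GENESIS
    ledger.append({"record": record, "prev": prev, "hash": entry_hash(prev, record)})

def first_broken_link(ledger):
    """Index of the first entry whose hash or back-link is inconsistent, else None."""
    prev = GENESIS
    for i, e in enumerate(ledger):
        if e["prev"] != prev or e["hash"] != entry_hash(prev, e["record"]):
            return i
        prev = e["hash"]
    return None

def head(ledger):
    return ledger[-1]["hash"] if ledger else GENESIS

def divergent_participants(replicas):
    """Participants whose copy fails its self-check or disagrees with the majority head."""
    majority, _ = Counter(head(l) for l in replicas.values()).most_common(1)[0]
    return sorted(name for name, l in replicas.items()
                  if first_broken_link(l) is not None or head(l) != majority)

def rehash(ledger):  # what a forger with write access to one copy could do
    prev = GENESIS
    for e in ledger:
        e["prev"], e["hash"] = prev, entry_hash(prev, e["record"])
        prev = e["hash"]

def demo():
    # Constructed sample audit records, replicated to three hypothetical nodes.
    records = [{"user": "alice", "action": "read", "file": "payroll.xlsx"},
               {"user": "bob", "action": "grant", "role": "admin"},
               {"user": "alice", "action": "delete", "file": "audit.log"}]
    replicas = {name: [] for name in ("node_a", "node_b", "node_c")}
    for ledger in replicas.values():
        for r in records:
            append(ledger, dict(r))
    replicas["node_b"][1]["record"]["role"] = "viewer"   # in-place edit, hashes untouched
    replicas["node_c"][2]["record"]["action"] = "read"   # edit, then re-hash the chain
    rehash(replicas["node_c"])
    return (first_broken_link(replicas["node_b"]),
            first_broken_link(replicas["node_c"]),
            divergent_participants(replicas))
```

The re-hashed copy on `node_c` passes its own integrity check, so a single-location hash chain would not reveal the change; comparing heads across participants does.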
Traditional security models have proven to be ineffective against modern cyberthreats. Although each organization has its own pain points and requires different frameworks to defend against outsider and insider attacks, there are clear trends. Businesses are ready to invest in better protection strategies and adopt better methodologies, and vendors will take advantage of new technologies and create more customized solutions to better address specific business needs. As a result, organizations will become more proactive about securing confidential data and insiders and hackers alike will find their work more difficult, because it will take more time and effort for them to access and steal corporate data.