At the recent Gartner Security & Risk Management Summit 2017, company analysts predicted that the following 11 technologies will be the top solutions in information security in the coming year:
1. Cloud Workload Protection Platforms (CWPPs) provide information security leaders with an integrated way to protect cloud workloads using a single management console and a single way to express security policy.
2. Remote Browser technology contains the potential damage from browser-based attacks by isolating the browsing function, keeping malware off the end user's system.
3. Deception technologies leverage deceits, decoys and/or tricks designed to thwart, or throw off, an attacker's cognitive processes, disrupt an attacker's automation tools, delay an attacker's activities, or detect an attack.
4. Endpoint Detection and Response (EDR) solutions augment traditional endpoint preventative controls such as anti-virus, by monitoring endpoints for indications of unusual behavior and activities indicative of malicious intent. By 2020, Gartner predicts, 80 percent of large enterprises, 25 percent of midsized organizations and 10 percent of small organizations will have invested in EDR capabilities.
5. Network Traffic Analysis (NTA) solutions monitor network traffic, flows, connections and objects for behaviors indicative of malicious intent.
6. Managed Detection and Response (MDR) solutions help businesses that lack expertise and resources to improve their threat detection, incident response, and continuous-monitoring capabilities.
7. Microsegmentation is the process of implementing isolation and segmentation for security purposes within a virtual data center, helping to limit the damage from a breach when it occurs.
8. Software-Defined Perimeters (SDPs) define a logical set of disparate, network-connected participants within a secure computing enclave, removing resources from public visibility and reducing the surface area for attack. Through the end of 2017, Gartner predicts, at least 10 percent of enteprise organizations will leverage SDP technology to isolate sensitive environments.
9. Cloud Access Security Brokers (CASBs) address gaps in security resulting from increases in cloud service and mobile usage by providing information security professionals with a single point of control across multiple cloud providers and services.
10. OSS Security Scanning and Software Composition Analysis for DevSecOps specifically analyze the source code, modules, frameworks and libraries that a developer is using to investory OSS components and identify any known security vulnerabilities or licensing issues.
11. Container Security solutions protect the entire lifecycle of containers from creation into production, with many solutions providing prepreoduction scanning combined with runtime monitoring and protection.
Separately, Gartner research director Rob McMillan presented the following seven security predictions for 2017 and beyond:
- By 2020, investment in artificial intelligence/machine learning-based tools for IT resilience orchestration automation will more than triple, helping reduce business outages from cascading IT failures.
- Through 2020, zero-day vulnerabilities will play a role in less than 0.1 percent of attacks in general, excluding sensitive government targets.
- By 2020, 10 percent of penetration tests will be conducted by machine-learning-based smart machines, up from zero percent in 2016.
- By 2020, more than 20 percent of organizational business plans will use infonomics to provide a financial analysis of data assets and liabilities.
- By 2020, at least one major safety incident will be caused by an IT security failure, leading to significant injury.
- By 2018, the 60 percent of enterprises that implement appropriate cloud visibility and control tools will experience one third fewer security failures.
- By 2020, IT-sponsored information security programs will suffer three times as many significant breaches as those sponsored by business leaders.
"In 2017, the threat level to enterprise IT continues to be at very high levels, with daily accounts in the media of large breaches and attacks," Gartner Fellow Emeritus Neil MacDonald said in a statement. "As attackers improve their capabilities, enterprises must also improve their ability to protect access and protect from attacks."
"Security and risk leaders must evaluate and engage with the latest technologies to protect against advanced attacks, better enable digital business transformation and embrace new computing styles such as cloud, mobile and DevOps," MacDonald added.