The new year is still a month away, but security experts at several companies are already sharing their cyber security predictions for 2016.
Samson David, senior vice president and global head for cloud, infrastructure services and security at Infosys, says the following three trends will dominate over the coming year:
- As enterprise perimeters expand, so will security vulnerabilities. It’s no secret that cyber threats are getting smarter and penetrating deeper across devices and different levels. As global enterprises push to scale their businesses through initiatives like cloud and social, information that previously resided in internal hardware will now be strewn across various devices and levels like on-premises, public clouds, social media and mobile. This will leave consumers, businesses and governments on constant high alert for increased risk, vulnerability and exposure.
- Cloud security will increase in scale, and decrease in complexity. In 2016 we’ll see cloud security evolve into simpler, virtualized controls and solutions that will have embedded security processes to help map current IT systems. Heavy, bolted-on protective layers that have difficulty scaling in the cloud will stay behind, and next year will have lighter, scalable cloud security solutions.
- Backup and recovery will become synonymous with security. With the explosive growth of structured and unstructured data, improving backup and recovery time will be a big hurdle for the enterprise. Vendors will rely on automated tiered solutions and data de-duplication to address the challenges of heterogeneity of technology. Encrypted data backups and agentless cloud-based replication will become the norm for data security.
Sisense CEO Amir Orad offers the following three predictions for 2016:
- We will see companies increasingly leverage data analytics for security. Many advanced organizations are beginning to build tools that better connect the dots and increase overall umbrella monitoring. Companies today have large, complex data sets coming from many different security monitoring sources, too much for humans to analyze on their own. Instead, many companies will begin to deploy advanced technology solutions to help deal with this complex data and understand what is happening across the entire network.
- Organizations will gain a better understanding of real threats through machine learning algorithms. A number of companies will incorporate machine learning algorithms into security monitoring to reduce false positives. Many existing security systems have binary outcomes, generating too many false positives that either waste resources or cause the companies to ignore real threats because of the volume of flagged items. To address this issue, more and more companies are utilizing a set of learning algorithms that look at multiple variables, like user role, time of day, etc. to help identify legitimate and suspicious behavior.
- There will be an increase in the "smoke and mirror" approach. Increasingly, organizations will create false environments in order to lure in potential threats and trap them in a fake network. By mimicking a real network, they can confuse the attacker and better track and find the culprit of the threat.
Regarding cloud security, Brett Greenwood, vice president of security at BetterCloud, offers the following three predictions:
- Security gaps in containerized cloud services will continue to be a prime target for cyberattacks. With the growing use of containerized compute services (such as Docker), researchers and hackers alike will focus on exploiting the weaknesses in the workload isolation model. This will result in pressure for the open source community and software and security vendors to fill the gaps. In the meantime, those who adopt containerization strategies will need to implement additional security measures to mitigate the risks of using these technologies.
- Cloud adoption will fuel more targeted attacks on cloud services. Motivated attackers will increasingly focus on cloud service platforms and providers to exploit their customers and steal valuable and confidential data. Errors on the part of both service providers and consumers will contribute to security incidents. In response, organizations will be pressured to raise the bar for assessment of cloud providers and the security of those implementations.
- New security approaches will be needed more than ever in the wake of advances in modern computing. A number of computing trends have been changing the look of IT environments and applications in organizations large and small. A few of these trends include the widespread adoption of public and private cloud platforms for infrastructure and platform as a service, infrastructure as code (including software defined networking and delivery with containerized microservices). As we look to 2016 and beyond, we’ll see many organizations maturing their security programs - accepting that the old approaches to security won't work well in these environments.
Seculert CEO Richard Greene lists the following six security trends for 2016:
- Prediction will emerge as the new holy grail of security. Up until 2014, the cybersecurity industry considered prevention to be their sole objective. Sophisticated enterprises then began to complement their prevention strategies with detection technologies to get the visibility on their infrastructure they lacked. In 2016, prevention will emerge as a new priority, with machine learning becoming a key tool for organizations that want to anticipate where hackers will strike.
- The adversary is getting smarter. Common cyber criminals will no longer be the most common threat. Sophisticated criminal gangs with modern organizational models and tools will emerge as the primary threat. Besides being well funded, these attackers have the luxury of time on their side, so they’re able to develop more advanced techniques not yet anticipated by the cyber-defense community.
- Global governments have also come to realize they must have both cyber-defense and cyber-offense capabilities. Public sector hackers will rarely attempt the kind of attack we saw in Ukraine this year, but we can expect a growing number of state v. state reconnaissance attacks as cyber 'armies' research the strengths and weaknesses of their opponents.
- Money is no longer the sole motivator. Rather than hacking just for financial gain, in 2016 we’ll see cybercriminals infiltrate to cause physical damage. Hacktivist groups have already proven they are not motivated by money, but rather by a cause. When money is no longer the motivator, infrastructures, priceless artifacts and more are put at risk.
- Enterprises will be more vulnerable than ever as the Internet of Things expands the attack surface. Anything that is connected to the Internet can be an attack surface. It’s just a matter of time before you discover the Fitbit on your wrist or the thermostat connected to your Wi-Fi can be used as the starting point to penetrate corporate and government networks.
- The CISO of the future will have a new and expanding role. Their responsibilities will shift from managing tedious work cycles on uncovering, analyzing and reporting threats, to an elevated role where they must think proactively and strategically to ensure the greater enterprise can achieve its strategic goals.
While considering the predictions above, it's also worth taking a look at eSecurity Planet's previous predictions for enterprise security trends in 2014 and 2015 -- how did we do? And what do you expect in the coming year?