IT data security is a ubiquitous concern that transcends every industry vertical. As the cyber security threat landscape continues to experience exponential growth, it is critical to stay informed of the latest evolution—as well as the safeguards necessary to stay ahead of the risks. The experts at ePlus have compiled these Cyber Security Trends to Watch to share advanced thinking and insight for your security program in 2017.
The Rise of Machine Learning
Machine learning, a type of Artificial Intelligence (AI) that provides computers with the ability to learn without being explicitly programmed, is transforming almost every area of computing. The movement is having a big impact on security as forward-thinking organizations focus more on risk assessment and risk management. Machine learning is adept at finding zero-day threat patterns that are brand new, allowing computers to “hunt” for these deviations. For organizations that are constantly under attack, like financial institutions, machine learning can help quickly identify when something is new and dangerous. It could also be helpful for securing the Internet of Things where connected devices have relatively limited tasks and consistent data flows.
Learn more about ePlus Strategy and Risk Management
Increasing Cloud Cover and the Great CASB
According to the Cisco Global Cloud Index, 92% of data center traffic will be in the cloud by 2020 with an astounding 35% CAGR growth in public cloud throughout the forecast period (compared to 15% for private cloud). The cloud is finally mature and secure enough for enterprises, but as the “great migration” to cloud begins, organizations must focus on their security hygiene to ensure successful deployments. To prevent breaches, security must be implemented within every layer of a company’s public cloud infrastructure, and organizations must shift their security focus from endpoint devices to users and information across all applications and services. Look to Cloud Security as a Service and Cloud Access Security Broker (CASB) products, which act as gatekeepers between the cloud and an organization’s on premise infrastructure, to become more pervasive, supporting this trend.
Learn more about ePlus Emerging Security solutions
Less DIY Security: Managed Services will NOC Your SOCs Off
Demand for experienced security professionals continues to outpace the current labor supply. Managed Security Services--ranging from simple monitoring to fully outsourced Network Operation (NOC) and Security Operation Centers (SOC) with features such as artificial intelligence, machine learning, deep learning, advanced algorithms, and data visualization--will help organizations secure the modern world of hybrid IT and the vast amounts of data that have surpassed the human capability to monitor and manage. In particular, Managed Security Services Providers (MSSPs) will leverage artificial intelligence and machine learning to automate identification of compromise scenarios instead of manually combing through large logs—an activity that frequently results in false positives. Look to MSSPs to also help navigate the exploding landscape of security point solutions, and provide more integrated solutions over time.
Learn more about ePlus Managed Security Services
The Internet of Malicious Things
With Gartner predicting 8.4 billion connected “things” to be in use in 2017, protecting an organization’s data is more important than ever. Firmware, the hard-coded software frequently stored in read-only memory (ROM), is still the weak link and the subject of inventive attacks by cyber criminals. Considered by many as an operations function rather than a security concern, this misunderstanding underscores the need for establishing robust security management, controls, and auditing practices for firmware. Organizations should look to embed firmware security into risks assessments and controls, and implement continuous monitoring with tools designed for embedded devices.
Learn more about ePlus IoT solutions
How About a Mobile Threat Defense Initiative?
According to Gartner, apps, the presence of a microphone, camera, text history, call history, and more, make smartphones the device where the most sensitive data lives. Mobile attacks and vulnerabilities are on the rise, and while managing employee devices doesn’t make sense for every organization, securing devices does. Mobile threat defense (MTD) tools use a mix of vulnerability management, anomaly protection, behavioral profiling, code emulation, intrusion prevention, host firewalling, and transport security technologies to defend mobile devices and applications from advanced threats. These treats require security solutions beyond traditional EMM (enterprise mobility management) and MDM (mobile device management solutions). Look for a rise in MTD solutions to complement EMM and MDM as BYOD and mobile workforce initiatives continue to increase in 2017.