In 2017, the IT community was primarily focused on mitigating external threats, such as cloud hacks and state-sponsored cyber attacks. However, many of this year’s data breaches — notably Equifax and Anthem — were actually the result of insider misuse or human mistakes. These breaches clearly demonstrate that building even the most robust perimeter defense is not sufficient, since employees and contractors can pose an even bigger threat to cybersecurity than hackers do.
Unfortunately, the 2017 IT Risks Survey by Netwrix discovered that many organizations still struggle to gain visibility into user activities in their IT environments, which leaves them helpless against insider breaches. Verizon’s 2017 Data Breach Investigations Report proves this statement, saying that employee data theft can take months or years to discover. The need to ensure data integrity forces organizations to be more vigilant and rethink their approaches to cybersecurity. Here are the top five IT security trends that will define the way organizations fight cybercrime in 2018:
Trend #1. Compliance will require more effort.
As compliance standards get stricter and new ones are added, adhering to all their requirements is becoming even more challenging. For example, NIST Special Publication 800-171, which comes into force December 31, 2017, will regulate the protection of controlled unclassified information (CUI) in non-federal information systems and organizations. The greatly anticipated General Data Protection Regulation (GDPR), which goes into effect in May 2018, will affect the ways every organization in the world that handles the data of European citizens must process, store and protect that data.
These and other new protective measures, along with stricter penalties for non-compliance, will require businesses to revise their data privacy programs and put more effort into proving that all necessary controls are in place.
Trend #2. Advanced analytics will improve data security.
Many organizations use multiple security products, like SIEMs, antivirus software and data loss prevention (DLP) tools. However, these solutions generate large volumes of data, which makes it hard to spot the critical information that requires immediate attention. To gain a complete understanding of what is happening across their IT environments, organizations need advanced analytics tools that can process data from multiple sources and provide visibility into activities that could pose a threat to sensitive data. The growing adoption of technologies like user and entity behavior analytics (UEBA) will enable organizations to establish stricter control over their IT infrastructures and better understand their weak points, so they can fix security holes before a data breach occurs.
Trend #3. Vendors will create solutions tailored to different security needs.
The global cybersecurity market is evolving, and the number of solutions that address similar pain points differently is growing rapidly. Since the need for strong data protection practices is extremely high, vendors will start offering a more personalized approach to solving customers’ problems, taking into account factors like IT infrastructure size and complexity, industry, and budget. The resulting customized approach to IT security will empower organizations to implement solutions tailored to their unique requirements, while small software providers focused on one particular area will get a chance to compete with larger but less flexible vendors by providing offerings that are more suitable for specific businesses.
Trend #4. The CARTA approach will improve decision-making.
In 2017, Gartner proposed a Continuous Risk and Trust Assessment Approach (CARTA), which is based on the recognition that security is a continuous process of regular review, re-assessment and adjustment, rather than a set-it-and-forget-it thing. In 2018, the CARTA approach has the potential to become a core strategy for organizations, defining how they evaluate and mitigate cyber risks. Real-time assessment of risk and trust in the IT environment enables companies to make better decisions regarding their security posture; the most common use case is granting additional access rights to users only after carefully studying the history of their actions in order to avoid privilege abuse.
Trend #5. Blockchain will be used for IT security.
One innovative approach to addressing the increasing number and sophistication of cyber threats is to use blockchain principles to strengthen security. Blockchain technology enables data to be stored in a decentralized and distributed manner, which means that instead of residing in one location, data is stored as an open source ledger. This prevents mass data hacking and enables organizations to prevent data tampering, since participants in the blockchain network would immediately spot any change in the ledger. Blockchain stands as a major technological leap in the security of sensitive information and might become a major security technology, especially for highly regulated industries like finance and law.
Although each organization has its own pain points and requires different frameworks to defend against outsider and insider attacks, there are clear trends. Businesses are ready to invest in better protection strategies, and vendors will take advantage of new technologies and create more customized solutions to better address specific business needs. As a result, organizations will become more proactive about securing confidential data, and insiders and hackers alike will find their work more difficult, because it will take more time and effort for them to steal corporate data.