Matthew Gyde, Group Executive ─ Security and Guido Crucq, Group Security Principal Director, share their thoughts on what will be the top cybersecurity trends to watch in the year ahead.
In 2016 we saw organisations across many industries recognising the potential of cybersecurity to enable their move to become digital businesses. We see this trend continuing in 2017.
Fintech businesses have been leading the charge. As cloud-born organisations, they’re extremely asset-light. But they still need to ensure that the transactions they perform are secure. So security needs to be pushed beyond the physical perimeter into a cloud environment.
We expect to see next-generation digital businesses increasingly sharing their data with one another
The advantages of this model are significant: you don’t need to wait eight weeks for security equipment to be delivered. You can simply ‘turn it on’ and start deploying it across multiple cloud platforms.
Being able to provision and deploy security into the cloud quickly is also appealing to financial institutions that are entering into mergers and acquisitions, or right- or down-sizing their operations. It allows them to quickly discontinue services to branches or burst capacity to set up temporary operations.
In the year ahead, we expect to see next-generation digital businesses increasingly sharing their data with one another.
But these won’t necessarily be long-term engagements. One day you might be partnering with another business to take a new product to market, a few weeks later you’ll be competing.
We foresee a need for more decentralised computing and security architectures
So, the ability to make information available to your partners quickly and securely, for short periods of time, will become critical.
We believe that 2017 will be the year that the security industry steps up to the challenge of enabling the Internet of Things (IoT) and operating technology (OT).
OT environments have inherently open designs that typically lack appropriate security controls – all the effort has been focused on ensuring that devices are able to communicate effectively with one another.
Given the omnipresent threat of cyberattacks, it won’t be sufficient to apply traditional perimeter defence strategies to these environments. As an industry, we need to find ways to segment and secure OT and IoT environments in a more sophisticated manner, and ensure that security is embedded very close to individual configuration items.
If sensors are becoming the perimeter, we’ll also need to consider how to go about gathering the data they collect and turning it into intelligence. This will enable us to become much more predictive about cybersecurity.
This won’t be easy. According to Forbes, there’ll be 80 billion connected devices by 2020. The number of distributed, connected devices that will be acting as sensors and feeding information back to the security platform are going to place huge demands on the central processing power.
So we foresee a need for more decentralised computing and security architectures in order to cope with the increased volume of data being generated.
We also see security being built into the fabric of the network: either by activating the security features that new networking devices come with, or combining them with specialist security devices and software – or both. And through earlier collaboration between network architects and the security team.
Updating security patches on thousands of networking devices is very labour intensive. That’s why software-defining those devices, and automating services are so potentially beneficial.
Modern workspaces are redefining how users, their devices, and data interact. And as our workspaces change, identity is becoming more important. Millennials are a driving force behind this trend. They have very different expectations of how and from where they access their data.
However, what hasn’t changed is the fact that users are the weakest link in the security chain.
We believe that identity can help solve end point control challenges. But not in the traditional manner. Bulky identity engines that take multiple years to deploy are being replaced by light-weight, agile identity technologies that make use of sophisticated cryptographic algorithms.
Bulky identity engines that take multiple years to deploy are being replaced by light-weight, agile identity technologies
49% of employees use consumer telephony applications such as Skype in the workplace – Frost and Sullivan Securing workspaces for tomorrow white paper.
Identity will evolve to include geo-location and geo-sensing and start to leverage existing technologies such as GPRS that are already built into users’ devices. Next-generation approaches to identity will need to be device independent because they’ll need to access user information that’s been generated by multiple devices and is stored primarily in the cloud.
We anticipate some exciting advances in multi-factor authentication in the year ahead. For example, we believe that the days of using one-time passwords to perform basic bank transactions, will soon be gone.
We can expect to see the emergence of very dynamic ways of authenticating identities: Identity will increasingly leverage advanced technologies such as biometrics. Fraud protection will evolve to include the collection and analysis of metadata.
For example, your location, the type of information you’re trying to access, and whether the device you’re using has been previously used to perform such transactions, will all be taken into account.
Today, organisations can’t afford to settle for a ‘best effort’ approach to cybersecurity. Cybercrime is big business. Over the last few years, cybercriminals have been re-investing much of the ill-gotten gains into developing more sophisticated capabilities, using more advanced technologies.
Despite ongoing innovation in the cybersecurity industry, much of the effort remains reactive. We believe that security needs to more than ‘proactive’ ─ it needs to be ‘predictive’.
Through our partnership with NTT Security, we’re using advanced machine learning and artificial intelligence to identify threats before they happen. We then either shut them down or place them into ‘wormholes’ or ‘honey pots’ so we can study the way they behave.
Today, 40% of the world’s Internet traffic passes through the network of NTT, our parent company. By analysing this traffic we’re able to capture the criminals’ IP addresses, and ─ with the help of policing agencies ─ confirm their identities. Next, we start monitoring who they’re communicating with.
We’re using advanced machine learning and artificial intelligence to identify threats before they happen
As part of our efforts to become more predictive we also analyse large sets of unstructured data. If we detect suspicious activity we’ll ‘crunch’ the data to draw conclusions about their source and who might be behind them. And we’ll use artificial intelligence to predict what the next step in the attack sequence could be.
See how Sentient is solving the world’s most complex problems using massively distributed artificial intelligence.
To maintain a solid cyber defence you need advanced skills in threat intelligence, virtual engineers, and, ideally, ‘hunting teams’ that can scour the Dark Web. But these skills are scarce and expensive. According to ISC, by 2020 there’s expected to be a global shortfall of 1.5 million cybersecurity experts. As a result, many organisations will be looking to outsource these activities to external specialists in the year ahead.
Many of these cybersecurity businesses are making great strides in advanced data analytics, but we foresee that in 2017 they’ll see the wisdom in collaborating and sharing their information, rather than competing with one another for market share. This is a positive development, as collective insights will always be more powerful in the fight against cybercrime than any individual effort.
Many businesses are bound by strict compliance regulations as to where their data may reside, and, as a result, aren’t able to move everything to the cloud. Others simply feel more comfortable retaining their business-critical assets on-premise. So today, most organisations operate hybrid IT environments.
However, we do see a growing acceptance in the market that the public cloud is secure, provided that the appropriate controls are put in place. We expect to see an increase in the use of virtualised technology to extend security controls into the public cloud in the year ahead.
In hybrid IT environments, technology becomes increasingly programmable
In hybrid IT environments, technology becomes increasingly programmable and data is moving across multiple environments. So it’s important to ensure that security is built in from the start.
You need to consider how to ensure that hardware is communicating with software correctly, and that software is operating consistently across multiple different platforms and into different clouds. You also need to consider how to embed security controls in your applications and in the data that’s leaving your organisation.
Maintaining a strong security posture in a hybrid IT environment is complex, and calls for skills that most businesses don’t have, or can’t afford, in-house. Increasingly, organisations are seeing the value in engaging with specialist consultants and architects that can assess their environments and help them to evolve their physical networks to a software-defined model. Managed security services can also ease the burden on internal resources.
We believe technology is the key that unlocks potential for businesses, and for the world, in ways we’re only beginning to comprehend. By applying our capabilities in cybersecurity, digital infrastructure, hybrid cloud, and workspaces for tomorrow, we look forward to continuing to help our clients accelerate their journeys to become digital businesses in 2017.
Sign up for bi-weekly updates on new insightsSubscribe
The future of cybersecurity as an enabler for digital businessRead more
Insights to protect your organisation against cybercrime in the digital eraRead more