Hack, breach, attack – words we saw hit the headlines on an all too regular basis in 2015. With 2016 just around the corner, it's time to start thinking about what the new year will bring. While breaches are inevitable, it's how organisations manage and contain them that will play a pivotal role. With this in mind, Adam Boone, chief marketing officer, Certes Networks takes a look at what he believes 2016 has in store for the world of IT security.
1. We will witness the first publicly confirmed security breaches involving an Internet of Things deployment.
The Internet of Things (IoT) creates a huge expansion of end points to be managed by the enterprise IT systems. This causes an exponential increase in the intelligent devices that are interfacing with enterprise applications, thus meaning that an enterprise's attack surface – the points of potential vulnerability that hackers can probe and exploit — is also immensely increased. IoT deployments can involve highly sensitive applications, including healthcare data, financial transactions and operational control data, therefore it will be even more important to have the correct software-defined security solution in place to best manage this.
2. Wearable computing devices will become an easy vector for hackers to gain access to enterprise applications and networks.
While wearables are still evolving, each generation of them includes gains in computing power and usability. However, this means they are now smart devices capable of accessing sensitive corporate data and therefore of becoming hacking targets, as the enterprise's attack surface is expanded. They have also started to form part of the 'Shadow IT' trend in which users are bringing their own devices (BYOD) and applications (BYOA) into doing their jobs. But, as we will discover in 2016, many personal devices and applications only have consumer grade security features that are largely out of the IT department's control.
3. The concept of 'software-defined security,' meaning security that is fully business-driven and completely decoupled from the network and IT infrastructure, will achieve mainstream acceptance.
One of the primary causes of the ongoing wave of data breaches around the globe is the continued over-reliance on infrastructure-based security, such as a firewalled-perimeter and network-based security functions. However, modern applications do not respect firewalled perimeters, and hackers are able to exploit network-based security gaps and siloed security architectures. In contrast, there are a growing number of enterprises that are shifting their focus beyond the hardware and network based security in favour of virtualised, software-defined security that follows applications and users across any network, cloud or virtual environment.
4. Enterprises will increasingly embrace the concept of a 'Zero Trust' IT architecture as it becomes clear that the perimeter will inevitably be breached.
The 'Zero Trust' security strategy architecture assumes no network, user, device or application can be fully trusted at any time, regardless of whether it is inside or outside the perimeter. In every major data breach making the headlines over the past year, there has been misplaced trust in internal networks or systems that enabled hackers to move laterally from application to application until they found the most sensitive data to steal; therefore adopting a “Zero Trust” strategy in 2016 could make a huge difference.
5. 'Breach containment' via application segmentation and role-based access control will become a new area of industry focus.
IT security has evolved in recent years from a focus on breach prevention via firewalls, to better breach detection and response. Yet, industry researchers show that the average time of breach detection remains around 200 days, which is an eternity for hackers to be loose in your IT systems. While efforts to improve breach detection are underway, enterprises have also started deploying breach containment technologies, such as improved application segmentation combined with role-based access control. These techniques can prevent hackers from moving laterally through systems, effectively containing them, keeping them from reaching the most sensitive data, and minimising breach damage.
It is clear that the time for industry to act is now. With the high number of breaches in the past year, perhaps 2016 will be the year for organisations to take clear and concise action to avoid them happening again, or to at least limit the scope of they do occur.
Contributed by Adam Boone, chief marketing officer, Certes Networks