Netwrix Corporation outlines the top 5 emerging IT security trends likely to affect the way organisations will approach cybersecurity in 2018.
Although external cyber attacks continue to become more sophisticated, the primary security threat still comes from insiders. To keep up with the evolving threat landscape, organisations may have to rethink their security strategies and come up with new approaches to tackling cybersecurity issues. The following trends are predicted to play a significant role in 2018:
- Blockchain for IT security. Blockchain technology enables data storage in a decentralised and distributed manner, which eliminates a single point of failure and prevents hackers from compromising large volumes of data. Due to its ability to quickly identify the data that has been manipulated, blockchain may become the core technology for highly regulated industries, like banking and law.
- Focus on insider threats. Netwrix’s 2017 IT Risks Survey found that most organisations lack visibility into user behaviour, which makes them vulnerable to insider threats. The need to keep sensitive information secure and prevent insider breaches will force organizations to make more efforts to establish stricter control over user activity in their IT environments.
- Continuous Adaptive Risk and Trust Assessment. Since protection against behind-the-perimeter attacks is not sufficient today, Gartner suggests a Continuous Risk and Trust Assessment Approach (CARTA), which sees security as a continuous process that changes all the time and has to be regularly reviewed. Real-time assessment of risk and trust will enable organisations to make better decisions regarding their cybersecurity posture and mitigate the risks associated with aberrant user activities.
- Growing demand for advanced analytics. Because security software generates massive amounts of data, organizations need advanced analytics to gain a complete picture of what’s going on in their IT environments. The growing adoption of user and entity behaviour analytics (UEBA) technology will help companies understand their weak points better and promptly respond to any activities that might pose threat to data integrity.
- Organisation-specific approach to IT security. Organisations will expect vendors to offer more personalised security solutions that address specific pain points depending on a company’s size, IT environment complexity and budget. This will give businesses an opportunity to implement products that better match their needs, and small vendors with a single focus will be able to compete with larger but less flexible software providers.
“In 2017, external threats, such as state-sponsored attacks and cloud hacks, were the hottest topics for IT professionals. We expect that in 2018, the main focus will be on insider threats, since rogue or negligent employees and intruders with stolen credentials may pose a bigger risk to security than outsider hackers. Organisations will likely do their best to minimize insider risks — by keeping a closer watch on user activities, analysing user behaviour, and regularly assessing risks to proactively spot weaknesses and improve their security posture,” said Michael Fimin, CEO and Co-founder of Netwrix.