Modern day security professionals often face internal threats alongside the external ones that are already too common. Luckily something can be done to prevent attacks using advanced technology and unique processes. To give companies more leverage, Gartner Security & Risk research vice president Earl Perkins presented Strategic Planning Assumptions in the 2016 Summit.
Read on for the top ten predictions at 2016 Gartner Security & Risk Summit:
- Most of the vulnerabilities exploited in the next 4 years will continue to be ones whose existence security experts have been aware of for at least a year.
To deal with this concern; companies must fix all known loopholes instead of ignoring them only to pay a huge price later.
- Shadow IT resources will be responsible for a third of successful attacks by 2020.
To prevent these companies must accept that the danger is real and take proper measures to detect and correct problems posed by Shadow IT.
- By 2018, 20% of all organizations will have to develop data security control programs to prevent breaches from public clouds.
To achieve this, Data Security Governance Program (DSG) must be developed to identify gaps in security, create a plan and seek cyber insurance where possible.
- 40 % of enterprises that are engaged in DevOps will adopt application different technologies by 2020 to ensure that their applications are secure against looming threats.
To do this effectively they must adopt RASP (runtime application self-protection) for the DevOps and be open to finding good security options from different vendors.
- The year 2020 will see 80% of cloud-based CASB packaged with secure web gateway, web application firewall, and network firewall platforms.
There are concerns about clients migrating to the cloud and bounding purchases so companies must thoroughly consider various security investments to make sure that they are indeed worthy.
- In the next couple of years, the number of companies preferring in-house mobile containment to third party providers will increase from 20-60%.
Security experts must familiarize with different containment solutions bearing in mind that native/in-house containment is necessary as security concerns increase.
- By 2019 30% more IDaaS implementations will have joined the existing 10% to replace IAM implementations by 40%.
There are fewer limitations to IDaaS which means that companies can start exploiting it but tread carefully to avoid clashes with the law. This way, it will be possible to eke the benefits of identity as a service.
- Recognition technologies will cause a 55% decline in use of tokens and passwords in medium-risk cases.
People are already too used to passwords making it difficult for them to disappear but they must also be open to the use of biometrics to prove identity. Companies can only get people to adopt biometrics by building trust through positive experiences.
- Weak authentication practices will render 50% IoT device manufacturers unable to address threats by 2018.
Companies must always identify authentication risks, establish assurance requirements and employ metrics. This is the best way to avoid threats caused by poor authentication.
- More than a quarter of identified attacks in coming years will involve IoT.
Businesses must allocate more money to IoT and focus on vulnerable devices to make avoid suffering attacks. This is necessary even if you are unsure of the acceptable amount of risk.
LuminIT