At this time of year “what’s in, what’s out” lists proliferate and for many of us, they can be overwhelming. Just when you’ve adjusted to the latest food or fitness trend, something new comes along that you need to adapt to! From kale to sea greens, from high-intensity interval training (HIIT) to Ninja Warrior gyms.
I decided to take a different tack as we look at what’s ahead for cybersecurity. I’m going to focus on what’s still in – five trends we’ve observed across the security industry in 2018 and expect to remain strong in 2019.
1. Embracing automation. With the growing popularity of Security Orchestration, Automation and Response (SOAR), automation is starting to take hold and will continue to expand into other areas of security operations. Look for automation and orchestration to be incorporated into tools to help reduce mean time to detection (MTTD) by bringing threat intelligence together, translating it into a usable format and proactively pushing data instead of requiring it to be polled. Automation can also help you deal with the talent shortage by automating tedious tasks. We’ll see more solutions that use automation to pull data from different security products and aggregate them into a single, easy to read pane. These solutions save analysts the time, effort and frustration of manually going into and out of different consoles, correlating data, and copying and pasting what they need.
2. Securing data in the public cloud. With the growing number of organizations moving to the public cloud, how to transition securely will remain top of mind. Those that are successful will recognize that security is a partnership. The cloud provider is typically responsible for security of the cloud and you are responsible for the security in the cloud. As such, the cloud provider has done the heavy lifting of presenting you with high-level, normalized telemetry feeds. This allows you to apply your resources to understanding and using that refined telemetry to improve security. Working in partnership, you actually have an opportunity to protect your data more effectively and at scale when compared to on-premises environments.
3. Security is a people problem. There are two elements to this. First, the industry will continue to experience a shortage of skilled cybersecurity professionals, that some studies (PDF) expect to reach 3.5 million by 2021. By tapping into and helping to foster a diverse talent pool, we can expand the universe of workers and put a stop to the ongoing scramble for resources. At the same time, people unwittingly provide cybercriminals with a gold mine of information. Organizations must continually look for ways to compensate for insider negligence to mitigate the risk of insider threats. Start by managing your data classification so that you can implement consistent access privilege management. Review your data and classifications periodically as it’s easy to lose control of your data in a dynamic environment.
4. Data privacy spurs business growth. There’s no denying the General Data Protection Regulation (GDPR) has been a drain on many organizations, but it isn’t a one-time exercise. It’s a sign of what’s ahead. Organizations that approach data privacy as an opportunity for business success and innovation will position themselves to thrive in the global, digital economy. This requires we shift from the preconceived notion of privacy as encryption and the secreting away or nonuse of data and drive toward data curation. Curation is about the right information at the right quality level, accessible by the right people so we are respecting and protecting privacy and using data ethically without compounding human biases. Through data curation we not only achieve compliance with directives emerging worldwide, but also efficiency, effectiveness and creativity.
5. Customer experience as a key driver of success. Customer experience will continue to take hold in the security industry and become an imperative. That’s because improved security leads to improved customer experience and vice versa. One way we see this manifest is with the convergence of products and services to deliver solutions that provide customers the capabilities they need in a way that best matches their operational readiness and resource requirements. For example, managed detection and response (MDR) service providers are using technologies like infrastructure analytics platforms, application performance management, and security instrumentation platforms to gain the visibility and automation necessary to lead effective Purple Teaming exercises to strengthen incident readiness and response.
The security industry has advanced tremendously over the past year but there’s more work to be done. As security professionals, we must keep learning from and building on these top five trends to create a more secure future. What’s in is still in and, as far as I’m concerned, that’s a good thing. Happy New Year!
