2013 Reflections and 2014 Predictions on the field of Security Analytics and Intelligence
2013 was a watershed year for the field of security analytics. Since getting started in this emerging market in 2008 we’ve always been confident in the value of the technology. In 2013 this confidence shifted to astonishment as we learned through bigger and broader customer deployments that security analytics has the potential to change the fundamental ways organizations approach all domains of security. It simply allows us to learn from the data as opposed to looking for what we know.
2014 will be the year of security analytics. This is my prediction, based not on the hype of technology suppliers but on a genuine pent-up demand from the market for something new to address not only the “big data” issue but simply the widening gap between insider and external threats and organizations' ability to detect them. Whether it is built or bought, security analytics will find its way into a number of key security management programs, from IAM, SIEM, and DLP to a comprehensive insider threat initiative.
My 2014 predictions:
#1- Insider Threat detection will become the primary driver of security analytics. This is due not just to the headline breaches but to the growing realization by more CISOs that they have very limited defenses against the insider threat.
#2- SIEM programs will increasingly use advanced analytics to reduce the noise and improve the detection of insider and external threats.
#3- Enterprise application threat and risk monitoring will take hold as organizations realize that application access controls are the last line of defense and the malicious insiders have all the access they need from the start.
#4- Identity & Access Management Programs will transform from compliance & operational efficiency led initiatives to become key security initiatives to protect against insider threats.
#5- Cloud application threat and risk monitoring will take hold as a high priority area enabled by new analytical techniques that do not require access to the application to perform.
#6- Data loss prevention initiatives will be transformed by identity, behavior analytics and context from other data sources into more predictive technologies to prevent data exfiltration events.
These are my predictions for the coming year. I look forward to your feedback and how you see the year ahead playing out.
Sachin is a renowned thought leader in areas of Cybersecurity, Risk, Regulations, Compliance, Identity/Access and Governance and speaks frequently at professional conferences and seminars.
Sachin drives the vision and overall business strategy for Securonix. Previously, he was founder & CEO of VAAU, where he led the company from conception to acquisition by Sun Microsystems. Following the acquisition by Sun, Sachin served as the Chief Identity Strategist for Sun Microsystems where he led the vision and strategy for the Sun security portfolio.