The past year has been tumultuous in the world of IT security. Though IT security is always host to a changing landscape, it seems that last year, more than ever, hackers and other technology villains have been top news. From hacktivists to cloud leaks and buggy code, it seems each week there is a new headline about IT security. What are some of the security solutions we will see in the near future that may turn the headlines from grim to optimistic?
- What are some of the current, emerging IT threats enterprises are facing?
Targeted cyber-attacks are in the headlines almost every day, and it seems that no one is immune – even large companies like Adobe, eBay and JP Morgan have been victims. The common feature of these targeted cyber-attacks is that they have been discovered months after launching!
It is clear that prevention measures are not enough today. These cases reported in the news show that it is easier than we think for a hacker to take control of internal IT systems. Once inside an organisation they sit silently, sometimes for months, searching and exfiltrating information that can eventually be exposed on the Internet, end up in competitors’ hands, or used for other malicious purposes. Such situations always lead to major financial, reputational and legal impacts that are costly to recover from.
- What solutions are we looking forward to in the coming year?
Organisations must focus on the detection of threats and damage mitigation, rather than solely relying on defences that are supposed to prevent them from happening in the first place.
It’s important to concentrate on the signs of the first steps of an intrusion and have the visibility and means of immediately responding to any suspicious activity from the earliest stage. By leveraging IT analytics solutions that can document and generate alerts for any abnormal activity, organisations would be able to prevent the spread and damage of attacks that are simply invisible to their eyes today.
- Will attacks on infrastructure and organisations become more numerous, or do security solutions stand a chance?
The methods of attack are not only increasing, but also becoming more sophisticated, specific and targeted. Once determined to launch a targeted attack, your opponent can and will create a customized method of attack to compromise your environment, and will eventually succeed! Unfortunately in most cases, when traces of their presence are detected they are in fact already gone with the information and it is too late.
- What can organisations do to protect their data?
In today’s world of custom targeted attacks, traditional security solutions are ineffective because they do not discover unusual activities and usages that should be detected as such. The scenarios we read in the news highlight the need for robust solutions that can detect security violations and breaches and provide a new line of defines against modern and sophisticated targeted attacks.
Organisations need real-time visibility into their IT environments, with supporting and intelligent IT analytics to reveal risk factors and exposure, indicators of compromise and data exfiltration activities in real-time.
- What are some trends that will affect IT security in the next year?
Organisations need to recognize that it is not possible to provide a 100 percent secured environment. Perimeters and firewalls are no longer enough.
Once organisations acknowledge this, they can begin to apply more-sophisticated risk assessment and mitigation tools. IT analytics solutions can help organisations detect potential security breaches in progress by providing early alerting on any abnormal activities, unauthorized access or unknown software.
[su_box title=”About Poul Nielsen” style=”noise” box_color=”#336588″]
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.