The domino effect
Kevin Cunningham, president and founder, SailPoint
“2016 has been the year of poor password hygiene, with people continuing to use the same password across a myriad of personal and professional applications. The result of this is that seemingly unrelated corporate accounts are put at risk. It’s a domino effect – hackers are going on to leverage identities from one organisation to the next, charting their way across the corporate landscape unchecked. This is a new phenomenon, but one we’re likely to see more of in 2017. It’s also an indication of how patient these guys are. They take their time and work the chain to get to the info they’re ultimately after. They’re willing to work for it; with the average time for organisations to detect a threat embedded in the network more than 200 days in the round, it gives them a wide window to do serious damage.”
Identity analytics
Kevin Cunningham, president and founder, SailPoint
“Identity analytics will become increasingly more important in 2017, giving organisations an understanding and insight into human behaviours related to identity access and anomaly detection. Understanding and predicting human behaviour is the next frontier of identity access management (IAM). This will manifest itself in enabling the organisation to query who has requested what and how that is different from other users. Additionally, how a certain application is being used compared to how other users are engaging with it. From a governance standpoint, if someone is not using an application, does that mean that entitlement goes away or do they simply not know that this application could help them do their jobs better? These are the kind of insights organisations will benefit from in the year to come with increased visibility into user behaviour.”
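The two questions this quote raises (who holds access that their peers do not, and who holds access they never use) can be answered from an entitlement inventory plus usage timestamps. The following is an added illustration written for this page, not SailPoint's code or any description of its product; the users, departments, entitlement names and last-used dates are all constructed, and the thresholds (an entitlement held by fewer than half of a user's departmental peers, or idle for more than 90 days) are assumptions chosen for the example.

```python
from collections import defaultdict
from datetime import date, timedelta

# Constructed sample data (not from any real system): department per user,
# entitlements held per user, and when each entitlement was last exercised.
USERS = {
    "alice": "finance", "bob": "finance", "carol": "finance", "dave": "finance",
    "erin": "engineering", "frank": "engineering", "grace": "engineering",
}
ENTITLEMENTS = {
    "alice": {"erp:ledger-read", "erp:ledger-write", "vpn"},
    "bob":   {"erp:ledger-read", "erp:ledger-write", "vpn"},
    "carol": {"erp:ledger-read", "vpn"},
    "dave":  {"erp:ledger-read", "vpn", "prod-db:admin"},   # unusual for finance
    "erin":  {"git:push", "prod-db:admin", "vpn"},
    "frank": {"git:push", "prod-db:admin", "vpn"},
    "grace": {"git:push", "vpn"},
}
TODAY = date(2017, 1, 31)

def _days_ago(n):
    return TODAY - timedelta(days=n)

# (user, entitlement) -> last use; a missing key means the entitlement was never used.
LAST_USED = {
    ("alice", "erp:ledger-read"): _days_ago(1), ("alice", "erp:ledger-write"): _days_ago(120),
    ("alice", "vpn"): _days_ago(2),
    ("bob", "erp:ledger-read"): _days_ago(3), ("bob", "erp:ledger-write"): _days_ago(6),
    ("bob", "vpn"): _days_ago(1),
    ("carol", "erp:ledger-read"): _days_ago(5), ("carol", "vpn"): _days_ago(4),
    ("dave", "erp:ledger-read"): _days_ago(2), ("dave", "vpn"): _days_ago(2),
    # dave's prod-db:admin has no entry: never exercised
    ("erin", "git:push"): _days_ago(1), ("erin", "prod-db:admin"): _days_ago(7),
    ("erin", "vpn"): _days_ago(1),
    ("frank", "git:push"): _days_ago(2), ("frank", "prod-db:admin"): _days_ago(10),
    ("frank", "vpn"): _days_ago(2),
    ("grace", "git:push"): _days_ago(1), ("grace", "vpn"): _days_ago(1),
}

def peer_outliers(users, entitlements, min_peer_share=0.5):
    """Return (user, entitlement, share) for entitlements held by fewer than
    min_peer_share of the user's departmental peers (the user excluded)."""
    by_dept = defaultdict(list)
    for user, dept in users.items():
        by_dept[dept].append(user)
    findings = []
    for user, ents in entitlements.items():
        peers = [p for p in by_dept[users[user]] if p != user]
        if not peers:
            continue  # nobody to compare against; skip rather than guess
        for ent in sorted(ents):
            share = sum(1 for p in peers if ent in entitlements.get(p, set())) / len(peers)
            if share < min_peer_share:
                findings.append((user, ent, share))
    return findings

def dormant_entitlements(entitlements, last_used, today, max_idle_days=90):
    """Return (user, entitlement, idle_days) for entitlements idle longer than
    max_idle_days; idle_days is None when the entitlement was never used."""
    findings = []
    for user, ents in entitlements.items():
        for ent in sorted(ents):
            used = last_used.get((user, ent))
            if used is None:
                findings.append((user, ent, None))
            elif (today - used).days > max_idle_days:
                findings.append((user, ent, (today - used).days))
    return findings

def review_queue(users, entitlements, last_used, today):
    """Rank entitlements for governance review: both signals first, then one.
    Each row is (user, entitlement, signal_count, reason_text)."""
    outliers = {(u, e): s for u, e, s in peer_outliers(users, entitlements)}
    dormant = {(u, e): d for u, e, d in dormant_entitlements(entitlements, last_used, today)}
    rows = []
    for user, ent in set(outliers) | set(dormant):
        reasons = []
        if (user, ent) in outliers:
            reasons.append(f"held by {outliers[(user, ent)]:.0%} of peers")
        if (user, ent) in dormant:
            idle = dormant[(user, ent)]
            reasons.append("never used" if idle is None else f"unused for {idle} days")
        rows.append((user, ent, len(reasons), "; ".join(reasons)))
    rows.sort(key=lambda r: (-r[2], r[0], r[1]))
    return rows

if __name__ == "__main__":
    for user, ent, n, why in review_queue(USERS, ENTITLEMENTS, LAST_USED, TODAY):
        print(f"{user:6} {ent:18} signals={n}  {why}")
```

On the constructed data the queue puts alice's unused ledger-write and dave's never-used production-database admin right at the top (rare among peers and dormant), with bob's ledger-write below them (rare among peers but in active use). Neither signal alone is proof of a problem: the output is a prioritised list of questions for an access reviewer, which is the governance decision the quote describes, not an automatic revocation.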
Cyber-attack fatigue (government, critical infrastructure, DNS and the cloud)
Darran Rolls, CTO, SailPoint
“Cyber-attacks are going to continue and increase in scale, but we’re seeing a greater acceptance of the fact that an attack will happen, leading to an increased level of fatigue. As a result, in 2017 we’re going to see an increase in domestic attacks on the government, as well as on critical infrastructure – that includes the grid and nuclear power plants. I like to call this the ‘internet of insecure things’, because as we’ve seen, these industries use devices that are completely vulnerable, ripe for attack.
“We’ll see additional attacks on domain name systems (DNS), like the recent hit on Dyn which caused a massive outage on the US west coast, taking down several major websites that are used on a daily basis. The next attack will be even more significant than what we’ve already seen, down to our reliance on centralised systems and the sheer vulnerability of DNS.
“There’s also a good chance we’ll see a major cloud provider admitting to a background worm that’s been there forever. We think of the underlying infrastructure providers as safe havens, but they’re not. There are likely major flaws in systems we’ve all assumed are secure, similar to the Heartbleed vulnerability. While for some, the frequency of data breaches can create a state of fatigue and acceptance, organisations must resist the temptation to sit on their hands. Identity must be at the core of cybersecurity. That means taking responsibility for knowing what data is being accessed, by whom and at any given time.”
GDPR wake-up call
Darran Rolls, CTO, SailPoint
“When people begin to truly understand the implications of what GDPR means for businesses today, it’s going to result in a lot more disclosure in general. While no-one will be penalised until 2018, businesses must begin to align their processes in the coming year in order not to get caught out. For example, if you lose your laptop, which contains a list of customers on its hard drive, and it’s not encrypted, your company will have to declare that publicly to avoid a hefty fine. The GDPR ‘wake-up call’ will likely see companies scrambling to get organised in 2017.”
The cybersecurity brain drain
Mark McClain, CEO and founder, SailPoint
“The security market is experiencing a significant talent shortage – exacerbated by the continuing evolution of the industry. There aren’t enough experts out there and those that exist are sometimes in danger of becoming obsolete if they’re not constantly reinventing themselves, or staying abreast of the tools and threats of the day.
“In 2017 the industry will respond to this in two ways: firstly, there will be lots of education and training to retrofit general IT staff into many of these roles, due to the increasing importance of security within the general IT landscape. Secondly, vendors will continue to look for ways to leverage the new wave of automation and artificial intelligence. As the complexity and volume of security-related issues increases, companies will expect vendors to help them ‘separate the signal from the noise’, so they can focus their efforts on the areas of greatest risk and impact.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.