Orchestration and Automation
In 2018, cybersecurity orchestration and automation will increase in both relevance and adoption.
This will be driven by the well-documented skills shortage within the sector, alongside the ever-expanding threat landscape. Over recent years, as the number of cyber risks have increased, so too have the alerts coming through various security systems, overwhelming the limited security analyst resource.
So, next year, solutions that provide a truly automated response are likely to come out on top. They can help to offload routine tasks away from enterprise Security Operation Centers (SOCs) and greatly enhance the security posture of smaller organisations by providing 24/7 coverage.
CASB
Next year, Cloud Access Security Brokers will evolve. Their use will go beyond discovery and visibility and into control.
Initially this control will be implemented for specific application classes such as cloud storage apps, webmail, collaboration and team messaging services, CRM and social media. The risk of sensitive or regulated content being uploaded in files to these apps is an increasing concern that CASBs should be able to help alleviate.
Cloud-only Malware
Malware which specifically targets cloud applications will continue to grow in 2018.
This includes malware that targets cloud storage shares to propagate or that utilises cloud storage apps to store command and control instructions or payloads. Ofcourse, this increase in malware designed for the cloud will accelerate the evolution in CASB usage.
Email Attack Surface
Email will continue to be the tool of choice for attackers and, as the primary infection vector, an important attack surface to secure.
As browsers become more secure, plugins decline and Internet Explorer loses market share to Chrome- and now perhaps Firefox Quantum- cyber criminals are moving away from the web channel as a means to infiltrate businesses.
So, the carefully crafted phishing email will continue to be the biggest threat to consider in any 2018 cybersecurity strategies.
Having said that, businesses should not take their eyes off the web channel- it remains the second most important attack surface for the majority of organisations.
IaaS and PaaS Security
The number of security vendors that are focused on assisting organisations with auditing and managing IT staff activity in IaaS and PaaS applications will grow. In 2018, coverage will need to extend beyond user activity in IaaS/PaaS web interfaces, with the growing use of APIs to spin up and down, configure and maintain VMs.
[su_box title=”About Richard Walters” style=”noise” box_color=”#336588″][short_info id=’74779′ desc=”true” all=”false”][/su_box]
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.