Reuven Harrison, CTO and Co-founder of Tufin, a provider of network security policy orchestration solutions for enterprise cybersecurity, has a few predictions up his sleeve.
Here are his thoughts on what 2017 might look like in the cybersecurity space:
- Security skills gap approaching Grand Canyon levels
- Increasing complexity has made protecting the enterprise network more difficult today than in the past. Compounding this issue is the expanding skills gap and staffing the right people to do the job. Since the security skills gap will pour into 2017, we expect automation to really take off in an effort to decrease manual, mundane responsibilities and regularly performed duties, and help shorthanded IT pros focus on what really matters. Skilled workers wasting time on tasks that could be done automatically are eating away at IT departments.
- DevOps data breach
- Of particular importance in 2017 is the need to apply security within the DevOps process, ensuring compliance to internal and external security rules without slowing down the primary mission of the DevOps team. This will be a challenge, as security is not inherently baked into a DevOps culture of “move fast, break stuff.” In 2017, DevOps oversights could be the new data breach. We may see a major breach that gets tracked back to the DevOps approach, causing DevOps and security teams to become new best friends.
- Trumped by government regulations
- The thought of a Trump administration inevitably failing to uphold regulations will keep IT departments tossing and turning at night. If Trump implements his de-regulation promises, and penalties for non-compliance with industry-wide security regulations are relaxed, security teams will need to be self-disciplined to maintain a high level of security by turning to outside resources for security best practices.
[su_box title=”About Reuven Harrison” style=”noise” box_color=”#336588″][short_info id=’61903′ desc=”true” all=”false”][/su_box]
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.