2018 Security Predictions From Splunk

3756

Hackers will exploit broader entry points

In the coming year, we will see the attack surface growing and evolving as technologies such as mobile communication, cloud computing, IoT and transportation continue to evolve with the digital transformation. In a connected world, there are potential entry points for hackers everywhere – from employees’ smartphones to the increasingly automated fleet vehicles.

Attack capabilities have already evolved beyond traditional preventative and detection boundaries, regions and industries. And they are showing no signs of slowing down as hackers are looking to further exploit an attack surface that is becoming more horizontal. The major data breaches of 2017 are providing fertile grounds for new waves of phishing, identity theft and fraud.  Attack vectors will continue to grow and shift across the technology stack. And defending this new frontier will continue to become more challenging as perimeters are disappearing and boundaries are always changing.

Automation will help alleviate mundane security tasks and help close the skills gap

The security skills gap is widening every year, with no signs of slowing down, with ISACA estimating a global shortage of 2 million cybersecurity professionals by 2019. To combat the skills gap and assist in the growing adoption of advanced analytics, automation will become an even higher priority for CISOs. Automating repetitive manual tasks, where there is high confidence in the outcome, is often the first consideration. As automation continues to increase within the security operations center (SOC), tier 1 analysts will remove themselves from 101 security processes, moving beyond “red light/green light” alerts so they can better focus on proactive security strategy. In turn, this will help close the skills gap and enable security analysts to do more with less.

Weaponing machine learning in cybersecurity: The race is on

While the concept of bringing AI to solve cybersecurity challenges is not entirely new, it’s still in its infancy and not core or mainstream in most environments. We see AI’s applicability broadening in 2018. With this expansion of ML and AI for cybersecurity defenders, it should not be forgotten that actors on the attacker side have the same access to these technology advancements, and are collaborating and sharing to innovate faster. They can leverage ML and AI to speed up discovery of vulnerabilities, improve precision of attacks, morph the route and path to breach and avoid detection through counter-ML measures. Data and ML algorithms are emerging as a new battle ground where the winning strategy relies on having the best formula to fuse human intelligence, machine learning and data.

Get data privacy right or pay the price

How does 20 million euros and a bad reputation handling personal data sound as the entry-level price for a breach?  The new European Union data privacy regulation, known as the General Data Protection Regulation (GDPR), will be a catalyst to help companies rethink privacy and security control, and change the way they do business and protect their digital assets.

Organizations that operate in the European market will be potential targets for authorities trying to set a benchmark and put global companies on notice that they need to comply with the GDPR or pay the price. Companies will be subject to serious fines because they couldn’t answer the required questions after being breached or they failed the privacy audit required under the GDPR. Many organizations will have to double down on their spending for cybersecurity and data privacy capabilities, especially for their European subsidiaries after being fined for the first time.

Security will move beyond the SOC and become a business enabler

Digitization is impacting every aspect of our lives. But it also amplifies the inherent risks and potential vulnerabilities in the ever-more-connected world in which we live.

New technology can make the mission of protecting enterprises even more challenging. Digitization is driving CISOs to rapidly transform their security operations at a scale that was previously unimaginable. This is accelerating due to the convergence of cybersecurity and business risk management and  the convergence of operational technology (OT) security and information technology (IT) security. The shift from perimeter-based security to safeguarding and leveraging data from across systems, devices and cloud will provide unified visibility and holistic security risk assessment to the board, giving the CISO a more important seat at the executive table. It will enable businesses to leverage their data in ways they didn’t know were possible. These security insights and capabilities will provide confidence and enable companies to solve business-critical issues, improve the customer experience and even create new revenue streams.

About Haiyan Song
Haiyan Song, Senior Vice President of Security Markets at Splunk
In this article