Future Trends in Digital Security: Insights for 2016
In the rapidly evolving business world, companies are embracing outsourcing, 'cloudsource', and consumerized IT systems, leading to a shrinking of traditional business networks. This shift towards digital entities and cloud-based systems introduces a new cyber security learning curve, requiring state-of-the-art capabilities for visibility, policy control, and meeting regulatory requirements in complex, multi-tenanted and multi-homed environments.
Europe, in particular, is heading towards transformational IT and the digital business entity, with a focus on assessing the risks created by complex international supply chains. The growing adoption of SaaS resources, IoT, devices such as machine-to-machine (M2M) in the workplace, and user-purchased wearables are contributing to this shift.
However, this digital transformation also brings new challenges. There is an increasing concern about being caught in the crossfire of nation-state attacks for companies that are part of the supply chain for critical national infrastructure (CNI). Nation-state groups are looking to commercial cybercriminals for new innovative techniques and undisclosed vulnerabilities.
As the opportunity grows, attackers are focusing on hacking into automotive systems, and businesses must expect more focus on mobile devices, especially as more companies enable mobile payment processing. Confusion is expected over the level of security capability required as nation-state attacks grow, increasing focus on this complex and challenging space.
The importance of good cyber security in the boardroom is expected to increase in 2016. The CSO's role is increasingly moving away from reporting to the CIO and is being elevated to report to the general counsel, CFO, or CEO. Potential auditing and notification of capabilities when incidents occur will increase the pressure to keep pace and prevent such instances.
By the end of 2016, businesses will be required to have security capabilities aligned to the current state of the art, based on their risk profile. Many regular attacks are now leveraging advanced concepts from APT attacks, such as multiple components to avoid detection.
The gap between businesses that leverage state-of-the-art cyber security and those that follow traditional practices is becoming more evident. European operators of essential services in utilities, healthcare, transport, and communications, as well as suppliers in these sectors, are pressured in 2016 to develop state-of-the-art security capacities for shadow IT systems to meet regulatory compliance and gain better visibility and control over complex, multi-homed, and multi-tenanted environments, driven by new network architectures and the growing adoption of IoT, SaaS, and BYOD systems.
The rise of mobile payment platforms like Apple Pay and Google Pay will likely lead to a shift in cybercrime towards smartphones. As businesses navigate this complex landscape, the need for robust, modern cyber security measures will only grow. The Network Information Security Directive and General Data Protection Regulation Reform will have a significant impact on cyber strategies in 2016, underscoring the importance of staying informed and prepared.
