Most IT security professionals agree that security practices haven’t changed significantly in the last 25 years. The hacks associated with the recent United States presidential election have brought a fresh focus on the problem, and 2017 will see a big shake-up across the entire security industry.
Rather than being a topic discussed within boardrooms, cybersecurity will be the topic throughout IT departments big and small. Organizations are finally realizing that if a breach can happen at the highest levels of government, it can happen to them, too. The big spotlight shining on security will accelerate the pace of change to heightened security mindsets—probably faster than even we in the industry realize.
Here are five ways I predict cybersecurity needs to change in the coming year.
1. Security spending will increase at least 20 percent overall, year-over-year
Security spending was going to increase anyway. The number of incidents were already high—and growing—but the election hacks provided a wake-up call that’s forced businesses to take cybersecurity more seriously.
Security practices have changed so little that hackers are using old methodology, such as traditional distributed denial-of-service (DDoS) attacks and phishing schemes, because they still work. Beyond deeper encryption and more tools, our whole approach to security needs to change, which will require serious investment.
2. More focus on monitoring social engineering risk
Social engineering—a.k.a. manipulating individuals to reveal sensitive information insecurely—remains the best way to break into an organization. All it takes is one employee to click one link to compromise your entire network, as demonstrated by the hack on former chairman of the 2016 Hillary Clinton campaign John Podesta’s email, which was achieved through a simple phishing campaign.
Based on that, security teams will be under extra pressure to monitor, detect, and protect within their environments. We may never be able to completely eliminate social engineering—employees are human, and they make mistakes. We need better ways to detect risky behaviours and quickly isolate social engineering breaches before they cause costly damage, which will trigger security investments focused on this specific risk.
3. Education will become a key security strategy
Most companies provide some security education, but considering the growing number of security incidents—especially those around social engineering—we’re obviously not doing enough. However, the latest high-profile incidents based on simple employee mistakes will bring more urgency to the need for continuous workforce education.
Organizations will begin to realize that everyone who has access to the network should also be responsible for protecting it, not just the security team. Expect more investments in education that help employees understand why they need to be ultra-aware of security risk, so security policies can be more effective.
4. Greater demand for integration and standardization
Enhanced scrutiny on security will mean increased responsibility for security teams, who will need more comprehensive means of monitoring and managing their networks. Most security tools require the IT departments to learn the protocols of that tool and to log into a separate view to use it.
Companies are likely to start pushing vendors to not only integrate their own tool portfolios to roll up into a single-pane view, but to also establish common standards so multivendor tools can work together. For standardization to evolve, vendors and customers need to engage in an industry-wide conversation to develop more effective security solutions.
5. Increased need for IoT security (especially printers!)
The Internet of Things (IoT) has introduced a whole new set of entry points to the network that need to be secured—sometimes in the form of “old” devices, such as printers. During recent conversations with other high-level security professionals at an industry event, many were surprised to realize they hadn’t considered printer security before.
Printers aren’t just connected through a direct port to your computer like they used to be. They’re part of the network and they’re smart, meaning they can be hacked just like any other device. Printers can also present a physical security risk if they’re used to print sensitive information, which points to the need for education around printer security, as well. If printer security awareness doesn’t increase under the spotlight on all the other security issues, it certainly needs to.
When it comes to securing our data, networks, and organizations, we could all do a better job. Current events have shown that we certainly need to, and we need to work more closely together across the industry to perform security more effectively and consistently. Change in the security industry is coming whether you’re driving it or just along for the ride. Are you ready?