With 2017 right around the corner, we have a few predictions for what may take place in the security domain next year.
Staying ahead of the curve
As we mentioned in our networking predictions blog post, 2017 will be a year in which solution vendors come under increasing pressure to integrate products into standardized work flows while providing unique value-add features that address cyber threats. At Savvius we achieve this balance by adhering to commonly accepted industry standards and by not trying to reinvent the wheel where technologies are readily available in the market. At the same time, we are able to complement the industry by applying our expertise in packet analytics and automated data collection to provide industry-leading troubleshooting and security capabilities that result in rapid resolution of network and security investigations.
Unlike the networking industry, which is already quite mature and facing considerable pressure to consolidate, the security space is still a veritable Wild West of competing technologies and approaches. One thing is certain. 2017 breaches resulting in the exfiltration of sensitive data will continue to rise. As an active participant in the security industry, Savvius will continue to play its role helping companies prepare for a breach and minimize its impact.
2017 Security Predictions
- Security teams will turn to network engineers for the truth contained in packet data as metadata and log data are increasingly compromised. At the same time, security analytics based on network data will become the “hot” topic for presentations at security conventions.
- Sophisticated, state-sponsored security breaches will continue to increase. These adversaries are becoming more adept at bypassing traditional security measures, so as the number of breaches rises, network engineers will increasingly find themselves being called upon to help security investigations. They will need to provide critical network packet data that efficiently answers the who, what, when and how of the intrusion – even weeks or months after being discovered.
- Security stack complexity will continue to increase even more rapidly than attack surfaces, greatly increasing the tension between doing business (having low-friction systems and processes) and being in business (avoiding major security incidents), making it vital that enterprises have the capability to conduct rapid, accurate investigations into security incidents.
- Security teams will be increasingly inundated by incidents requiring investigation. The only solution is to automate the routine parts of their workflow to help speed up the analysis process. Smart hackers find ways to disguise attacks as low-priority issues making quantity of investigations as important as quality. Automating data collection and alert correlation techniques will help these teams analyze alerts as they come in so that low-level alerts don’t fly under the radar and go unchecked. With adequate automation technology in place, security analysts can expect up to a five-fold increase in the number of alerts that can be checked by the same manpower.
- Security teams will see their budgets increase, but demands on their time and expertise will increase even more. The choice is between tolerating increased risk or increasing the efficiency of the security team through automation and machine intelligence.
Check out our 2017 predictions for the network space here.