Gartner: Mobile, big data, advanced attacks shape threat landscape
Gartner analysts see three main trends framing the security discussion moving forward: mobile security, big data and advanced targeted attacks. The company presented its take on these high-level trends and more at its recent three-day security and risk management summit in National Harbor, MD.
- Mobile: As focus shifts from the device to the app/data, understanding the device types and how users are using them is just as important as the user identities.
- Big data: Delivering risk-prioritized actionable insight will require security analytics as well as changes in information security technologies, integration methods and processes.
- Advanced targeted attacks: The latest attack strategies use custom or dynamically generated malware for the initial breach and data-gathering phase. Enterprises should employ a layered, defense-in-depth approach.
Reporters and attendees also shared insights and factoids from the conference.
InfoSecurity magazine covered the keynote by Paul Proctor, Gartner vice president and senior analyst, who described four security scenarios that organizations will experience over the next decade:
- Regulated risk, where a government organization leverages regulation to protect enterprises and itself.
- Coalition rule, where barriers to entry for malicious actors are low, and government intervention is absent or ineffective.
- The controlling parent, where the government will step in to protect the individual.
- Neighborhood watch or anarchy, where decreasing regulation signals that government intervention will not materially impact the targeting of individuals.
Ray Wagner, managing vice president of Gartner’s secure business enablement group, spoke on trends affecting IT security managers, according to Network World.
- The use of cloud services, especially those outside the control of the IT department, means antivirus and perimeter firewalls are increasingly ineffective.
- All packets across the network are suspect, so monitoring should be considered a basic means to detect attacks.
- By 2020, 75 percent of IT budgets will be set aside for rapid detection and response approaches, up from less than 10 percent in 2012.
- Identity management and context-aware security will be key to supporting mobile devices in the enterprise.
- Identity and access management may need to recognize social-network identities.
Steve Piper at the CyberEdge Group listed his top five takeaways from the conference in a blog post:
- The exhibit hall was chock full of vendors touting their abilities to detect advanced threats: FireEye, Palo Alto Networks, Damballa, Sourcefire, Trend Micro, AhnLab, Blue Coat, Zscaler, Proofpoint and many more.
- The second-biggest theme this year was around BYOD and securing mobile devices. In a recent Gartner survey on 2012-2014 security spending priorities, mobile device management came in first place.
- The concept of big data worked its way into virtually every session that talked about security incident event management (SIEM) technology and tactics for uncovering advanced threats.
- The industry is so hot and heavy for advanced threat protection products (and rightfully so) that it seems to have forgotten about the critical importance of good old-fashioned vulnerability management and patch management solutions.
- Everyone — analysts, attendees and even vendors — agrees that it’s no longer a matter of “if” your network will be compromised. It's a matter of “when.”
Gartner’s Jay Heiser spoke on security myths — the misconceptions and exaggerations about threats and the technologies to combat those threats. Among those myths, reported by Security Week, are:
- Information security budgets are 10 percent of IT spending. Recent Gartner research shows that information security spending is closer to 5 percent of the total IT budget.
- Password expiration and complexity reduce risk: Cracking is just not the major failure mode. Passwords are not cracked, they’re sniffed.
Other tweet-worthy insights from the conference included:
- By 2019, 90 percent of organizations will have personal data on IT systems that they don't own or control. Hostreview.com.
- Monitoring employee behavior in digital environments is on the rise, with 60 percent of corporations expected to implement formal programs for monitoring external social media for security breaches and incidents by 2015. Gartner.
- Only 8 percent of organizations are running next-generation firewalls. And the organizations that purchased next-generation firewalls are not properly configuring them or using them to their fullest extent. CRN.
Posted by Susan Miller on Jun 18, 2013 at 10:37 AM