Will 2019 be better or worse than 2018? Traditional business structures will continue to get disrupted over the next two to five years. The digital age has created unprecedented opportunities to do business and deliver services using new technologies. Organizations are rapidly embracing social media, mobility and cloud computing technology and transforming their ICT operations. The fast advancement in above technologies is being driven by the economics of value and advantage created by this competitive change. While this opens up exciting new opportunities, improves efficiency, it also exposes businesses to larger attack surface and associated multiplicative risks of cyber-attacks of adopting such emerging technologies, increased network bandwidth, and interconnected devices.
These new technologies are also allowing hackers to radically increase their attack surface, automate malicious attacks, and launch assaults to disrupt services and products which were once unapproachable. This is putting businesses’ prized asset, their crown jewels or data at risk. The challenges and risks in the areas of data security, privacy, and compliance responsibilities act as a major barrier. Businesses, both small and big, today are facing the challenge of managing enterprise security across an array of applications, infrastructure, while remaining ‘open’ and ‘hyper-connected’ at the same time.
We are witnessing growing demand for comprehensive consulting and professional security services for 24x7 monitoring & incidence response, application and network vulnerability management, end-point security management, identity and access management, governance, risk, and compliance. As we battle the hackers, we need to diversify our energy better towards onboarding optimum Tactics, Techniques, and Procedures (TTPs) from all perspectives. Utility providers that have a large amount of data of their clients will continue to think, as to how to use it, and will overstep into customer privacy. All security leaders need be transparent about how customer data is used, regardless of industry. Otherwise, they will invite scrutiny from regulators, privacy advocates including clients. Skill and talent shortages and regulatory changes like the GDPR are driving continued growth in the security services market. The security and privacy concerns will drive Cyber-security market demand through 2019 and influence segments like identity and access management (IAM), identity governance and administration (IGA), Continuous monitoring through SOC including Incidence response, vulnerability management, and data loss prevention (DLP) services & solutions. There will be continuous need to hire professional who look at legitimate use and misuse of data including sharing.
With increase in cyber-attacks globally and adoption of rapidly changing control technologies, customers are also requesting for advanced Security Operation Centers (SOC) or cyber command centers having automation, orchestration, behavioral analytics, threat intelligence and case management built-in on the central platform. Additionally, multi skilled resources to rapidly triage alerts and incidences. The managed security service market size will grow to over 35 Billion USD by 2021 as businesses deal against emerging threats, plan and prepare for resilience to rapidly recover from security incidents.
Improved visibility as a trend won’t run away anytime soon as need for a “single pane of glass” is only growing. It has been overwhelming and time consuming for security analysts to navigate through multiple systems to get the full view of any security case. Integrated solutions with backend security analytics SIEM solutions to view and manage all security functions in unified dashboard will see increased usage. Systems that use recognition algorithms and machine learning to abstract insights from large data sets will be preferred.
Cyber-criminals continue to generate over $2 billion in revenue using ransomware. Criminals have long profited from ransomware by encrypting victim's data and thereafter demanding ransom for the crypto key. Ransomware attacks can disrupt business operations and automated production assemblies, and prove dangerous on medical devices or connected vehicles. Botnets will also continue breach applications and manipulate infrastructure. Security teams would continually need to discern if the traffic source is human or automated, determine if the automated traffic is from partner sources such as search engines or malicious traffic, and defend against bad traffic on their sites impacting performance and availability. We also expect senior executives and those with privileged access to be the biggest target of attack.
Given the volatile cyber threat landscape, businesses will need to add a Chief Information Security Officer (CISO) to their executive team. In 2019, we will see the number of CISOs exponentially rise over present 67%. In addition to the CISO, businesses will add other new roles such as a compliance officer, data privacy officer, and risk officer into the cybersecurity team.