Security is more than ever at the heart of business concerns. In 2016 there were so many large-scale attacks on organizations in various sectors that we did not feel that there was a day without the announcement of a massive data leak or a threat online. In a context where data center infrastructures are changing, it is necessary to review security approaches.
It’s time to change your approach to security. In 2017, you may see the following trends of data security:
1. Applications take control
Traditionally, security teams protecting the perimeters of the data center working closely with those of infrastructure. At the time of the hybrid Cloud, where infrastructure perimeters are less accurate and applications and data increasingly critical for business, the traditional approach has to change. In 2017, applications will become the No. 1 concern of security teams. They seek to better align with business to deploy their security policies. The acceleration of containerization and methodology DevOps also contribute to the spread of this new security model.
With these new approaches to development, applications spend a monolithic model to a distributed architecture based on components. They will constitute the new infrastructure foundation upon which security teams will build their protection policies.
The business teams will be more transparent about their components, which will help security teams to adjust their control strategies. We may already see the first signs of this trend with the rise of micro-segmentation of networks, which will process a critical application that is compartmentalized segment, processing element and screening points. Through this process, network control strategies are well aligned with the boundaries of applications. We believe the adoption of this approach and other applications oriented safety principles can only accelerate in the coming year.
2. Safety in the Cloud vs. Cloud Security
So far, the issues around Cloud adoption (public or private) focused on security, and although the concerns and challenges remain in 2017, the security team will look to the Cloud to implement approaches that were impossible in the world of traditional data centers.
An increasing number of technologies and techniques dedicated to securing applications and data in the Cloud will emerge. These include mechanisms related controls and policies by application components, the dynamic adaptation of the level of protection to the posture of the application, the automated management of responses to security incidents, micro-segmentation and better visibility and more control.
As the Cloud evolves from a model based on “absolute confidence” towards a model offering more visibility, isolation between customers and more third-party control, users will have the ability to measure the level of protection offered in their choice providers.
This year, the Cloud will provide more security to host large range of applications and services.
3. The simplicity and automation: the new security innovation trends
Security has become an extremely complex element; the most limiting factor for most specialized services is the lack of qualified personnel. The talent shortage and difficulty in financing the recruitment of experts have reduced the capacity of firms to adopt new and more powerful security technologies. But things are about to change. The lack of qualified professionals will lead the adoption of next-generation technology designed to simplify and automate the security process infrastructure and critical applications in data centers and in the Cloud. Moreover, a number of companies are already working to automate incident management.
The need to stay ahead of critical threats also continues to encourage innovation in other areas, including the detection and predictive analysis.
4. More sophisticated attacks by increasingly new cybercriminals
Data protection is increasingly complex in the face of increasingly sophisticated attacks. Addressing the growing threats, perpetuated by nation-states and organized crime, requires highly specialized skills. On the other hand, the aforementioned automation tendency is a double-edged blade.
The militarization of cyberspace has led to the creation of a wave of more automated tools to create and execute sophisticated attacks. Among them are Zeus (for the creation of Trojans) and BlackPoS (used to attack point-of-sale terminals, and responsible for a number of data leaks in the retail sector). The proliferation of this sophisticated malicious software, whose operation has been considerably simplified, will provoke a succession of major attacks by much more varied assailants. We are already seeing an expansion of the population of experienced attackers, as well as the diversification of their motivations; they now include dissidents or activists driven by political causes. These trends will undoubtedly contribute in the longer term to better correlating and identifying these new threats, but this will first of all mean a deterioration of the situation before things improve.
5. The convergence of mobile security and identity checks
So far, mobile security and management of identity and access management (IAM) were two separate markets, but their paths are destined to cross. Mobile devices are an essential tool for employees. They are used in communication devices Indeed, data storage and application portals. But above all, they are increasingly used as an identification and authentication mechanism.
Identity management is rapidly moving towards a behavioural model based on risk. IAM estimates the terminal risk level, the criticality of the application and the data accessed, and the level of confidence as to the real identity of the user. The usefulness of controls based on risk management is that authentication and isolation were insufficient to establish the veracity of reliably identities. The consistency of behavioural analysis enables companies to address risks compromising services, authenticated, isolated and trusts, via the operator of the imperfections of their implementation or infrastructure. We are already starting to see security solutions unify these two areas and this trend is expected to increase during the year.