There is no shortage of security concerns in the world of technology today. It seems like there are news headlines almost every week of data breaches, ransomware infections, and other security-related events. As we look ahead in 2019 and where we are in the security world, there are certainly very concerning things that need to be considered for the future. In taking in some of the takeaways from the recent RSA conference where we learned about the Service-Defined Firewall from VMware, there were some interesting takeaways from the security front as to the months and years ahead. Let’s take a look at the top security threats and responses in 2019 and how the security world is evolving both on the side of the good guys as well as from side of the attacker.
Protecting Data is Key in 2019 and Years Ahead
Data is at the heart of the world as we know it today as far as businesses are concerned. Data has been described as the new modern “gold”. Businesses are made and lost over data. There is no question today the ultimate prize for attackers is data that can be stolen, compromised, corrupted, leaked or held for ransom. Businesses today into 2019 and ahead need to realize this fact and design their security and data protection solutions infrastructure accordingly.
Data must be protected at all costs. The stakes are growing much higher for data loss or leak. As seen with new General Data Protection Regulation or GDPR compliance regulation, not securing or protecting customer data can lead to serious penalties for businesses today, including a sizeable percentage of overall revenue. Aside from compliance regulations, there are often very sizeable and costly intangible penalties for organizations who do not prioritize security and data protection in general. Aside from outright legal and financial penalties, lost customer confidence, and tarnished business reputation are intangible costs that can be tremendously damaging to the point it can literally take an organization out of business.
As shown in the infographic from VMware, the cost of security breaches is growing exponentially. The cost is staggering to businesses. As Tom Corn, the VMware senior vice president and general manager of security products mentioned, “cybercrime is the greatest threat to every company in the world.”
Top Security Threats and Responses in 2019 and Ahead
Highlighting some notes from the 2019 RSA conference in San Francisco, there are definitely some takeways from a security threats perspective. First and foremost, tying into the topic above on the importance of data, one of the risks to security in 2019 and ahead is misguided priorities. As mentioned in the conference, it is an easy mistake to make to focus on the infrastructure including devices themselves rather than the applications and data. Security must not be an afterthought any longer. It must be an integral part of the infrastructure.
Going back to GDPR, one of the primary objectives of the GDPR compliance regulation is “security by design”. If organizations are not designing infrastructure systems with security in mind from the outset, they will not be successful in securing their data. New security mechanisms and solutions that are utilized from henceforth in today’s modern infrastructure world, must be fully integrated.
Machine Learning will be a Key to Security on Both Sides
Machine learning is in the news in the security world and all other IT infrastructure from now til the future. Machine learning may not be the end all solution to all problems, however, it is going to be a huge feature and characteristic of most IT operations in 2019 and in the future. Machine learning can simply do certain things better than human beings. The ML algorithms are extremely good at analyzing data, and massive amounts of data at that. This is not the strong suite of humans. ML code can profile a data set and easily “learn” what “normal” looks like from a data and activity/behavioral perspective. Then, it can easily point out what anomalies exist or that are noticed.
Machine learning is going to be key in fighting the security battles ahead as the sheer amount of data and network traffic that are generated today and software utilized is simply far too complex and massive for humans to be able to monitor effectively without help. This is where ML is going to play a massive role.
However this is a double-edged sword as not only the good guys are using machine learning, but also the bad guys. When used by the bad guys, ML can help them to spot weaknesses and perform security analysis for reconaissance much more quickly and easily. If ML systems are invaded by attackers as well, these algorithms and data could be intentionally altered to draw different conclusions.
Security Teams Must be More Agile
Security teams must be much more agile in 2019 and the years ahead. Security attacks can happen quickly and escalate quickly. As pointed out at the RSA conference, security responses by organizations can drastically be slowed by meetings and official processes rather than responding appropriately and quickly to attacks. Security teams need to have the flexibility and the authorization to work directly with IT, network teams, and even customers to accomplish the task at hand of securing and responding to security events at hand.
The old traditional security response methods are slow, outdated, and inadequate. The attackers do not play by the traditional rules and so organizations with their security responses must not play by the traditional rules of engagement either. Action must be swift and effective.
More trained security professionals are needed in the industry as the gap is becoming wider of security positions that need to be filled. In addition, organizations need to empower security professionals with the tools and cloud AI needed to be effective in their roles. Providing tools required is a key to being able to win the war on security and fill needed positions.
Security is a tremendously concerning area for companies today. The stakes are growing ever larger and the threats are multiplying. Organizations today have to start thinking of security first and not as an afterthought. Protecting applications and data is the key. The focus needs to be here and not on the infrastructure itself. Data is the target and not infrastructure. It is great to see VMware and other companies really stepping up their game in the area of security as this couldn’t be more important as of now. The Top Security Threats and Responses in 2019 and Ahead will certainly be a challenge and will keep organizations on their toes to continue to protect their assets.