Netwrix unveils security trends set to drive IT strategies and investments in New Year

While the number of reported data breaches this year is lower than in 2014, the volume of compromised accounts increased dramatically, exposing more personal data than ever before. Netwrix has duly assessed the top IT security trends and technologies to look out for in 2016.

Attack surface will continue to grow. Interest in SaaS applications, Bring Your Own Device, the cloud, Internet of Things devices, ‘wearables’ and self-driving cars makes it hard to reduce all possible vulnerabilities.

Hackers will continue to take advantage of insecure systems and devices, targeting with techniques that are far more sophisticated. This will inevitably shift the focus from incident prevention to incident detection and attack response, in turn encouraging the development of new technologies to automate basic remediation and free-up resources for mitigating security risks.

Personal data harvesting will gain traction. Criminals, hacktivists and state-backed hackers will continue to take advantage of personal data to craft sophisticated targeted phishing attacks, or even blackmail owners to gain access to critical systems and data. High demand for personal data and its growing value on the black market, along with advanced big data analytics, will drive hackers towards collecting and analysing larger volumes of personal records from social media, healthcare, finance and Government institutions.

Protection against insider threats will become a priority. The growing number of data breaches caused by human errors and malicious insiders, high costs and the lack of mature and reliable mechanisms to prevent insider misuse will force IT security professionals to focus on gaining visibility into what end users are doing across the network. This will encourage the development of solutions to track user activity and raise alerts about unusual behaviour.

Account hijacking paves the way to the network. The acquisition of credentials becomes a more attractive way to gain direct access to a wide range of devices, data, services and applications. The ability to bypass all security mechanisms and act without arousing suspicion will stimulate adversaries to develop new methods of account theft. Companies will look for solutions on improved visibility into user activity, behaviour analytics and multi-factor authentication.

Picture of emerging trends

The cyber arms race will impact more people. Nation states will continue investing in cyber warfare to craft sophisticated targeted attacks against other Governments, military networks, international businesses and critical infrastructures, etc.

Cyber attacks at the very highest level will continue and there will be more notable large-scale cases. The race will lead towards two major consequences affecting everybody in the long run: the availability of advanced tools and malware for criminals and the collection of huge volumes of personal data.

Demand for outsourced services will grow. As major cloud providers invest considerable effort into improving the quality of their services and deploying advanced security systems, they’ll witness a growing demand for their services from companies that don’t have the resources to ensure the same security level for business-critical assets and look for ways in which to achieve their goals with lower investments.

Virtual machine host firmware is at risk of hidden attacks. Leveraging firmware vulnerabilities will become an easy way of gaining secret access to the entire physical machine with a virtual environment deployed.

The number of firmware attacks is considerably low at the moment, but it has all the reasons to develop into a full threat that organisations will have to cope with in some way.

“Data breaches have evolved from being purely IT risks to become a threat to the high-level business goals, which makes security a major concern for the majority of companies,” stated Michael Fimin, CEO and co-founder of Netwrix. “It’s unlikely that we’ll see completely new threats in 2016. All trends and innovations that drive the IT security industry are associated with the detection of suspicious activities and quicker response to security incidents. Pleasingly, companies are planning to increase their efforts around asset protection.”

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.

Related Posts