2017 TECH TRENDS SPECIAL
gradual shift in focus from the retail segment to others, such as travel and restaurants.
Attackers are also moving downstream and focusing more on smaller retailers and businesses, tempted by the number of target organisations available and their less sophisticated IT infrastructure. The core problem around Point of Sale (POS) breaches also remains largely unaddressed. Thousands of POS systems continue to run without any form of antivirus software because of older Windows XP operating systems and the “trust” relation system with asset management servers. With one compromise of the asset management system, malware can be distributed unnoticed to POS terminals en masse. With this compromise, attackers can also open communications to keep delivering new malware variants and commands and to exfiltrate data. This is an extremely high-risk vulnerability that can go undetected for months – even years – before the breach is discovered.
This is worrying, considering that the UAE e-commerce market is estimated to grow to AED 40 billion (almost $11 billion) by 2020, according to Frost & Sullivan. Furthermore, with the increased use of the TOR network and the value of data sold on the DarkWeb being between $5-$30 per stolen credit and debit card, the incentive to target POS systems will remain high.
Budgets will prioritise detection over prevention
As breaches continued this year, a larger number of CISOs started considering more budget allocations towards detection systems, so that attackers inside the network could be identified and stopped. Historically, more than 75% of InfoSec technology budgets are spent on preventative solutions and their maintenance. However, a recent survey by Pierre Audoin Consultants among 200 decision makers showed they expected to spend 39% of their IT security budget overall on detection and response within two years. Gartner has also projected that by 2020, 60% of security budgets will be allocated for rapid detection and response approaches, up from less than 10% in 2014.
Deception technology will enter the mainstream for advanced threat detection
Gartner predicts that by 2018, 10% of enterprises will use deception tools and tactics, and actively participate in deception operations against attackers, closing the gap in detecting signature-less or unknown attacks. In 2017, deception technology will be a preferred solution for advanced threat detection. Gartner has called out deception as an automated responsive mechanism, representing a major shift in capabilities and the future of IT security. They have stated that deception is the most advanced approach for detecting threats within a network and acknowledged it as a top 10 security trend for 2015, 2016, and we predict again for 2017.
Dwell time for attacks will decrease
According to a variety of sources, malware continues to go undetected within companies for months, with some detections occurring after as many as 200 days. With more emphasis on detection technology, there will be a decrease in dwell time and an increase in the number of breaches being detected by internal teams, whereas, historically, only 1 in 5 breaches are detected internally. I predict that by the end of 2017, this number will increase to 50% of all breaches being detected internally by customers, law enforcement agencies, and other interested third parties.
Mutual collaboration and intelligence-sharing will drive efficiency
Frost & Sullivan estimates that network security spending in the GCC will reach $1 billion by 2018. While this is encouraging, intelligence-sharing is as important in the campaign against cyber crime. Vendors will continue to collaborate in sharing information and on integrating their solutions, enabling the sharing of data and providing security teams with a single source of information on possible attacks. Collaboration will allow teams to see real threats they might have missed on their own, based on a partial view of threat activity throughout the network. Operational efficiency will increase significantly, providing better detection, quick remediation, and more effective incident response at the time of attack.
Clues are dead …
Kaspersky Lab’s discovery in 2016 of an APT able to create new tools for each victim has effectively killed off ‘Indicators of Compromise’ as a reliable means of detecting infection, according to the company’s Threat Predictions for 2017.
www.intelligentcio.com INTELLIGENTCIO