Intelligent CIO Middle East Issue 14 | Page 37

2017 TECH TRENDS SPECIAL
gradual shift in focus from the retail segment to others, such as travel and restaurants.
Attackers are also moving downstream and focusing more on smaller retailers and businesses, tempted by the number of target organisations available and their less sophisticated IT infrastructure. The core problem around Point of Sale (POS) breaches also remains largely unaddressed. Thousands of POS systems continue to run without any form of antivirus software because of older Windows XP operating systems and the "trust" relationship with asset management servers. With one compromise of the asset management system, malware can be distributed unnoticed to POS terminals en masse. With this compromise, attackers can also open communication channels to keep delivering new malware variants, issue commands and exfiltrate data. This is an extremely high-risk vulnerability that can go undetected for months – even years – before the breach is discovered.
This is worrying, considering that the UAE e-commerce market is estimated to grow to AED 40 billion (almost $11 billion) by 2020, according to Frost & Sullivan. Furthermore, with the increased use of the Tor network and the value of data sold on the dark web being between $5 and $30 per stolen credit and debit card, the incentive to target POS systems will remain high.
Budgets will prioritise detection over prevention

As breaches continued this year, a larger number of CISOs started considering larger budget allocations for detection systems, so that attackers inside the network could be identified and stopped. Historically, more than 75% of InfoSec technology budgets are spent on preventative solutions and their maintenance. However, a recent survey by Pierre Audoin Consultants among 200 decision makers showed they expected to spend 39% of their overall IT security budget on detection and response within two years. Gartner has also projected that by 2020, 60% of security budgets will be allocated for rapid detection and response approaches, up from less than 10% in 2014.
Deception technology will enter the mainstream for advanced threat detection

Gartner predicts that by 2018, 10% of enterprises will use deception tools and tactics, and actively participate in deception operations against attackers, closing the gap in detecting signature-less or unknown attacks. In 2017, deception technology will be a preferred solution for advanced threat detection. Gartner has called out deception as an automated responsive mechanism, representing a major shift in capabilities and the future of IT security. They have stated that deception is the most advanced approach for detecting threats within a network and acknowledged it as a top 10 security trend for 2015, 2016, and we predict again for 2017.
Dwell time for attacks will decrease

According to a variety of sources, malware continues to go undetected within companies for months, with some detections occurring after as many as 200 days. With more emphasis on detection technology, there will be a decrease in dwell time and an increase in the number of breaches being detected by internal teams, whereas, historically, only 1 in 5 breaches are detected internally. I predict that by the end of 2017, this number will increase to 50% of all breaches being detected internally by customers, law enforcement agencies, and other interested third parties.
Mutual collaboration and intelligence-sharing will drive efficiency

Frost & Sullivan estimates that network security spending in the GCC will reach $1 billion by 2018. While this is encouraging, intelligence-sharing is as important in the campaign against cyber crime. Vendors will continue to collaborate in sharing information and on integrating their solutions, enabling the sharing of data and providing security teams with a single source of information on possible attacks. Collaboration will allow teams to see real threats they might have missed on their own, based on a partial view of threat activity throughout the network. Operational efficiency will increase significantly, providing better detection, quick remediation, and more effective incident response at the time of attack.
Clues are dead…

Kaspersky Lab's discovery in 2016 of an APT able to create new tools for each victim has effectively killed off 'Indicators of Compromise' as a reliable means of detecting infection, according to the company's Threat Predictions for 2017.