In the wake of the surprisingly high volume of serious data breaches that hit businesses of all sizes (and impacted millions of consumers) last year, information security practices are already undergoing even closer scrutiny as many companies review their business priorities in 2019 and beyond.
Industry trend-watchers are already beginning to consider what this year will ultimately bring for information security. An interesting perspective from these comes from an outline by Netwrix charting the top 7 IT security trends in 2019. As spring warms up and industry conferences for the year start to rev up, we wanted to take the opportunity to reflect on these, take stock of how our platform is prepared to respond to them, and how you can make use of these techniques as you roll out new, responsive products to your customers.
Compliance is farther-reaching and imposing greater demands on end-users.
The adoption and rollout of the European Union’s GDPR data protection regime is evidence that the government now has a greater appetite to stare down data-rich companies and take serious action on data regulation than in the past. Not only does the GDPR set some of the most concrete and stringent data handling requirements of any jurisdiction, but it has inspired others to implement incremental protections that approach this level of oversight. California has passed one of the strictest data laws in the United States, and even municipalities are beginning to consider their own standards.
While it’s possible that this is only an ephemeral, localized uptick in data regulations, it seems more likely that this represents the achievement of a critical mass, and a milestone marking an acceleration of efforts at all levels of government to take data handling regulation seriously. This may also have to do with the fact that enterprise end-users are collecting new kinds of information on consumers as facial recognition and beacon technologies mature, or it could owe primarily to the number of high-impact breaches that were downplayed or hidden by companies.
Regardless of how long-lived this phenomenon will prove to be, increased regulatory burdens are not going to go away anytime soon, and your customers are going to look to you for drop-in solutions. This will be especially true for your SME customers, who may not be able to afford to acquire the legal and technical expertise in-house to be able to do business in the rapidly changing regulatory environment.
Certainly for more established regulatory schemes, HIgh Wire’s Overwatch Holistic Platform-as-a-Service ships with a compliance framework that will let you instantly serve automatic compliance to your end- users. This allows you to quickly tackle compliance for well-known frameworks, and free up your bandwidth to tailor regulatory solutions for more specialized customer needs.
Our goal, as your partner, is to keep your brand a trusted name among your customers. If there is a need that we can help you with to assist you with providing excellent service to our customers, we encourage you to work with us. Security is a team sport, and it will take close coordination across the information security space to get emerging regulation right.
Security is focusing more on locking down data.
With massive enterprise migration to cloud-based infrastructures, information security is moving away from securing network perimeters to centering on data security. In other words, this means security is having less to do with fending off intrusions on a customer enterprise network that they house and operate, and more to do with making sure your customer packages silos data in a way that exposes it to the least possible attack surface in a cloud environment. This is because enterprise operations don’t consist of keeping data compartmentalized on one network so much anymore, but are dependant on preserving the integrity (and, therefore, value) of the data and getting it into the hands of partners.
This is where addressing the information security industry’s age-old endpoint leakage problem becomes critical. Managed endpoint services from Overwatch let you extend a data-first solution to your customers that keeps tabs on where data resides in their network, and ensures data integrity before it leaves the local network (whether bound for the cloud or another enterprise network). Overwatch’s vulnerability assessment also comes into play here, as it can alert your customers to potential avenues by which data can be compromised.
Cloud is quickly becoming the default network setup.
The popularity of cloud services has been steadily increasing in recent years. Considering the expertise that cloud providers bring to bear that most customers simply can’t afford to make on their own, this should come as no surprise. This trend has only continued in 2019 and cloud is on track to make up the majority of enterprise workloads by 2020 according to a survey by LogicMonitor.
While this trend is still taking shape, and some of your end-users are likely in the process of partial or total migration to the cloud, Overwatch’s Security Operations Center-as-a-Service (SOCaaS) is structured to provide 24×7 monitoring of your clients’ network state whether the landscape is single-location, multi-location, hybrid, or entirely cloud-based. This lets you provide an ideal solution to both in-transition cloud operations and fully cloud-migrated operations without missing a beat. It also frees your team to turn their attention to completing cloud migrations smoothly, rather than requiring them to invest time and effort into securing existing operations in the interim.
AI-powered analytics will prove to be the most effective and lucrative security tool.
As businesses look for ways to automate information security processes to make up for significant shortfalls in available, adequately trained professionals, Netwrix anticipates an increased demand for AI solutions going forward. Once AI technologies establish themselves as must-haves for any security strategy, the race will be on to develop and market more sophisticated solutions and prove value where machine learning poses inherent challenges to value proposition.
We are proud to offer resellers an industry-leading AI managed security solution in Overwatch’s aiSIEM technology, in partnership with Seceon. By powering your product line with Overwatch, you can get on the market demand for AI on the ground floor. Overwatch’s AI sets a baseline for each of your end-users and identifies anomalous activity contextually across a number of event types. We designed our AI to take on the unaddressed issues that have plagued information security for at least a decade, and while there is undoubtedly more room to grow, we take the trend toward AI as a sign that we are on the right track.
Blockchain is will soon be used for IT security.
Blockchain is a relatively new option in the world of information security, but we are already seeing it exhibit great potential for success. In 2019, blockchain is already enjoying continued development and creating new applications for security challenges.
Although blockchain security isn’t yet ready for primetime, it is definitely worth watching in the coming months and years. It is possible we will soon see an application of blockchain for tasks like update installation confirmation or compliance certification, but for now, its mid- and long-term impacts remain to be seen.
IoT devices still lag significantly in security.
IoT devices are being developed at a rapid and ever-increasing rate, but attention to their security is falling far short of demand, as report after report illustrates a pervasive susceptibility to compromise and limited options for securing them. In 2018 we saw more and more examples of devices being hacked and as industry convention season is upon us, there is no sign of slowdown so far in 2019. As device presence on networks increases as IoT prevalence does, you should pay close attention to the dynamics of your customers’ networks and offer up tailored solutions.
Through Overwatch, you can monitor packet flows, including those to and from IoT appliances specifically, across networks in real time while cutting out the white noise with its built-in machine learning. If IoT adoption continues to boom, this may only prove to be a stopgap until IoT OEMs face more pressure to issues patches, but it is one we encourage you to put front-and-center for your IoT-reliant end-users.
Personal data breaches have more ramifications.
2018 saw hundreds of data breaches, with personal information still lying at the heart of nearly all of them. As more types of data are collected, and more complex data sharing and revenue arrangements are devised, the stakes for any breach will only ratchet up higher.
It is still hard to know exactly what the future holds, but one thing has already proven true: Continued reliance on the old techniques won’t cut it anymore. At a minimum, constant vigilance can shift the posture from remediation to prevention, and that is what we strive to position you to provide your customers with the Overwatch SOCaaS solution. You aren’t forced to put all your eggs in this basket, either, as a hybrid of Overwatch’s holistic approach and your brand-specific solutions let you reinforce 24×7 network monitoring with attention to sensitive target areas.
Our philosophy is all about putting you in the driver’s seat and giving you options for how to serve your customers’ needs, and that is going to be key in today’s threat landscape.