ORLANDO — Some 9,000 executives are gathered here this week at the Gartner Symposium/ITxpo to hear about trends, strategies, best practices, and technology developments in the computer and networking industries. This morning, Peter Firstbrook, vice president and analyst at Gartner, spoke to attendees about six security trends for 2018/2019. Short on specific technology and long on strategic issues, his list is likely to inform executive committee conversations for the next 12 months.
In fact, only one of the six trends deals with a specific area of technology. The remainder tackle how security is planned, purchased, and deployed.
Trend 1: Senior executives are finally paying attention to security; now, security professionals will have to pay attention to senior executives.
Between GDPR, WannaCry, and a handful of other high-visibility incidents, dollar figures for security breaches have grown to the point that executives and corporate boards are forced to pay attention. That means they're asking questions about security using the language of business — and security professionals have to be ready to answer in the same language.
Security professionals must be able to discuss security needs and responses in terms of business risks rather than security threats, Firstbrook says. He also pointed out that embracing diversity will improve the ability to respond to a wider range of requests and needs while boosting the chances that the IT security team will be able to meet ever-growing staffing requirements.
Trend 2: Laws and regulations around data protection are getting serious and demanding a serious response from IT security groups.
The liability costs of security breaches are growing, whether you measure them in reputation and business loss or in direct fines from regulators and legislators. That changes the calculus on security and data protection costs by a bit, though everything will still need to be seen through the business-risk lens.
One of the results of the new wave of regulations is that customers are gaining far more direct control over the gathering, storing, and use of their personal data. As a consequence, many successful companies are now looking to offload some of that data gathering by, for example, using third parties for credit card payments rather than dealing with the transactions — and the data that results — themselves.
Trend 3: Security products are moving to the cloud and becoming more agile in the process.
The importance of this trend is in the implications of the move, Firstbrook said. He gave the example of the Prius — a hybrid car that's still firmly rooted in the classic automobile — versus the Tesla, which in many ways reimagined both the propulsion and degree of connection possible in a car. The Tesla, he said, opened the thinking of connected possibilities in ways that other manufacturers are using in their products.
Cloud security services are more agile and extensible than traditional on-prem offerings, Firstbrook said, plus they offer another advantage: staff augmentation. The key to taking full advantage is making sure that the services are complete with full APIs for real integration into larger ecosystems, he said.
Trend 4: Machine learning is providing real value to simple tasks and complex analysis.
The real problem with deploying machine learning in security, Firstbrook said, has been that it was possible to throw far too many false-positives, creating more noise than usable signal for the human analysts. Now, though, the same machine learning is helping to sort through the positives to increase the signal-to-noise ratio and successfully augment the effort of the humans involved.
That augmentation is where Firstbrook said he sees the real value of machine learning in security, though he admitted that one speed bump is in the training of machine learning engines — something other experts have warned about, as well.
Trend 5: Geopolitical factors are joining technology and business factors in guiding security purchases.
Companies are based in physical locations. It's an inescapable fact of living in the real world. That means the relationships between nations can have an impact on the relationships between companies, especially when it comes to trust in just how secure products can be.
In the security world, the market has seen that play out in purchasing decisions regarding companies such as Kaspersky and Huawei. And whether you trust products from those companies may not be the most important factor when it comes to purchases.
If your customer base includes government agencies or departments, then the companies they trust may define the limits of the companies from which you can buy. The fact that the cyberwar landscape is getting more, rather than less, active means this trend is likely to accelerate.
Trend 6: Concentrations of power and capability are leading to reactions of decentralization.
The security industry is in a period of concentration, exemplified by the fact that, essentially, two companies are issuing certificates for the world. Concern about this sort of concentration has led to the beginnings of a reaction in decentralizing power.
The most prominent example is blockchain technology, Firstbrook said. The distributed ledger is still in the early stages of security use, but many companies are looking for various ways to use the technology.
Another example of decentralization is the move to edge computing, where compute power is distributed to endpoint devices rather than being confined to a cloud at the center of the architecture.
For successful companies, Firstbrook recommended exploring a number of different decentralized architectures and providers, thereby avoiding concentrating on any one distributed model.
Black Hat Europe returns to London Dec 3-6 2018 with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions and service providers in the Business Hall. Click for information on the conference and to register.