Digitization is in full swing. Gartner estimates that by end of this decade more than 7 billion people and businesses and nearly 35 billion devices will be connected to the Internet of Things (IoT) — the magic place that connects people, processes, data, and devices. The current population explosion on the IoT has been triggered by the development of IP-enabled devices, a rapid increase in global broadband availability, and the emergence of IPv6.
All this means that the world is entering into a new chapter — the zettabyte era — in which massive data fuels the economy. (A zettabyte equals 1,000 exabytes, or 1 billion terabytes.) According to Cisco's "2017 Annual Cybersecurity Report" (registration required), annual global IP traffic will reach 2.3ZB by 2020, a threefold increase over 2016. Two-thirds (66%) of it will be produced by wireless and mobile devices; wired devices will account for only 34%. The volume of global Internet traffic in 2020 will be a staggering 95 times greater than it was in 2005.
On the flip side of this global megatrend is the reality that the world is being exposed to an unprecedented number of cyber threats. After polling nearly 3,000 security professionals, Cisco says that many organizations still feel unprepared to cope with the radical implications resulting from the above. While 58% of respondents say their security infrastructure is up-to-date, a solid 37% do not share this enthusiasm and are more pessimistic.
Unparalleled Numbers of Endpoints
For 58%, the proliferation of mobile devices and sensors is a great concern; these devices will soon number five times the global population. Together they create an unparalleled number of endpoints that need monitoring and safeguarding. Data in the public cloud, cloud infrastructure as a whole, and negligent user behavior (each cited at 57%) are also top challenges to mitigating cyberattacks. Particularly, the exponential growth of third-party cloud applications is increasingly causing headaches. While some 20,400 third-party apps were deployed in October 2014, the number reached 108,000 in October 2015 and exceeded 222,000 by October 2016. More than a quarter of them (27%) are considered high risk, and another 58% are deemed to be medium risk. Only a mere 15% of these apps are seen as low risk.
Today, the average enterprise has more than 1,000 of these apps embedded into their IT landscape, with more than 20,000 different installations of them. Thanks to APIs, the vast majority of these apps have an excessive access scope, allowing them to communicate freely and potentially turn into loose cannons if something goes wrong. OAuth, for instance, is empowering the cloud space and numerous software-as-a-service (SaaS) platforms, but if it is compromised, it will also shortcut the path to the crown jewels — namely, gigantic data silos that only grow bigger by the hour.
Lackluster Risk Remediation
Missing talent, tools, or automated processes that help determine severity levels and root causes of a given alert might force security teams not to conduct an investigation. Yet, not responding to an alert is obviously a big risk. Cisco's research finds that, based upon a sample size of 2,796 alerts, a staggering 44% of all incidents were not investigated. Even worse, out of the remaining 56% that have been examined, less than half (46%) have been mitigated. In other words, a staggering 56% of legitimate alerts are hidden beneath a carpet, leading to potentially painful consequences. For example, according to the survey, of those organizations that encountered a breach, 49% had to deal with public scrutiny. Some 29% of respondents lost revenue due to attacks in the past year, and another 22% lost customers or business opportunities in the aftermath. Of that group, 38% said their revenue loss was 20% or higher.
To effectively combat cyber threats in the zettabyte era, security leaders must relentlessly prioritize security and focus upon prevention, detection, and mitigation. This must encompass policies, tight access controls, and mandatory encryption for data at rest, in motion, and in use. Since technology advances at lightning speed, it's also important to understand that the threat landscape is evolving permanently. Thus, policies and measures must be subject to constant review and enhancement. At the same time, security teams must progress from "running faster" to "running smarter." To accomplish this, it's key to reduce complexity by seeking stronger integration of the exiting tools and solutions, and to simplify operations through analytics and automation.