Endpoint

11/3/2017
10:30 AM
Tony Gauda
Tony Gauda
Commentary
Connect Directly
Twitter
LinkedIn
RSS
E-Mail vvv
100%
0%

4 Ways the Next Generation of Security Is Changing

The CISO's job will get easier because of trends in the industry. Here's how.

Today, 66% of companies don't have enough cybersecurity personnel on staff, with that skills gap widening to a shortage of 1.8 million information security workers by 2022, predicts a new study from (ISC)2. With the number of data breaches also increasing at a record pace, something must change. Will it be automation technology, advanced tools, or more training? Regardless, the next generation of security will be staffed by less-experienced people empowered to do the jobs previously only experienced analysts could do — because it's necessary.

Here are the four ways I see the security analyst role, and the forces around it, evolving. For the CISO, it means your job is going to be a whole lot easier, too.

Security teams will become more diverse. The analyst position will evolve to diversify — and that’s a good thing. I believe that our thinking around the role of a security analyst hasn't been right. We have a talent gap, in part, because we have a narrow understanding of what a security professional needs to be. There are many elements that play into a security program, and it's not all about technical acumen. As an industry, we tend to get fixated on the latest ransomware or zero-day exploit, so it's easy to see why many assume you need extensive, technical skills to make meaningful contributions in the information security world.

However, the effectiveness of the vast majority of today's security teams has a lot more to do with getting basic security controls and best practices in place, and partnering effectively with the rest of the business. A security pro needs to collaborate with other departments, implement security training programs, manage third-party risk, put effective password policies in place, and more. These junior security analysts need to evolve to become better communicators and advocates — because today, many of the attacks on an organization are internal. Whether it's due to bad actors or just lack of education, a recent Verizon breach report found that more than 7% of users who receive phishing emails fall for them. This is preventable, and it's up to the security team to make that happen.

Security technology will become simpler. Today it's easy to become overwhelmed by information. Security professionals are tasked with more and more events around all possible nefarious activity. According to industry research, a mere 4% of alerts are investigated by security teams due to the massive amount of alert activity on the whole. There's no question that security analytics need to move toward simplicity — whether it's using more contextual alerting, "conversational English" nomenclature improving the user experience, or implementing machine-learning tools to intelligently sift through massive amounts of information. Alert fatigue needs to become a thing of the past for all analysts. I'm sure we're all tired of it by now.

Security strategies will centralize around data. There are two forces that demonstrate my point. First is the reality that breaking news on a weekly basis surrounds enormous data leaks — just recently, Equifax, Yahoo, the Securities and Exchange, and Sonic — and a stunning lack of clarity around the extent and scope of data that has been compromised in each case.

The second force is the European Union's General Data Protection Regulation. Organizations have not mapped out their data, and they're struggling now to comply with EU regulations. As a result, enterprises are making moves to locate, classify, and understand who's accessing their data and where it's being stored, and utilizing more advanced frameworks for data monitoring and controls. This data transparency is no longer a nice-to-have, particularly given impending regulatory deadlines. A heavier focus on data governance in itself will make analysts' jobs less complex than they've been before.

Automated technology will play a larger role. Every year there's a different hot buzzword in security — in 2017, it's automation. So it won't come as a surprise that to keep up with more senior analysts, less-experienced analysts may need to employ security technology that has a higher level of automation. Related to my first point, automated technology has the potential to close some of the talent gap problem. Although we've been pretty far away from realistically achieving that until now, that will change in 2018. This type of technology has finally advanced to the point where it works.

What I've discussed represents just four of the many ways that the next generation of security as a whole is changing, along with the role and responsibilities of security teams, as a result. With a combination of technological advancements and smart human intervention, we're moving in the right direction to even the playing field against attackers — and the next generation of security pros will be the ones who see that through.

Related Content:

Join Dark Reading LIVE for two days of practical cyber defense discussions. Learn from the industry's most knowledgeable IT security experts. Check out the INsecurity agenda here.

Tony Gauda is a serial entrepreneur with a deep history in security, storage, and SaaS businesses. Tony holds several issued patents and previously invented the convergent encryption and core technology for Bitcasa. As the CEO of ThinAir, Tony has invented information ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
It Takes an Average of 3 to 6 Months to Fill a Cybersecurity Job
Kelly Jackson Higgins, Executive Editor at Dark Reading,  3/12/2019
763M Email Addresses Exposed in Latest Database Misconfiguration Episode
Curtis Franklin Jr., Senior Editor at Dark Reading,  3/11/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: LOL  Hope this one wins
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
The State of Cyber Security Incident Response
The State of Cyber Security Incident Response
Organizations are responding to new threats with new processes for detecting and mitigating them. Here's a look at how the discipline of incident response is evolving.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-6149
PUBLISHED: 2019-03-18
An unquoted search path vulnerability was identified in Lenovo Dynamic Power Reduction Utility prior to version 2.2.2.0 that could allow a malicious user with local access to execute code with administrative privileges.
CVE-2018-15509
PUBLISHED: 2019-03-18
Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control (issue 2 of 2).
CVE-2018-20806
PUBLISHED: 2019-03-17
Phamm (aka PHP LDAP Virtual Hosting Manager) 0.6.8 allows XSS via the login page (the /public/main.php action parameter).
CVE-2019-5616
PUBLISHED: 2019-03-15
CircuitWerkes Sicon-8, a hardware device used for managing electrical devices, ships with a web-based front-end controller and implements an authentication mechanism in JavaScript that is run in the context of a user's web browser.
CVE-2018-17882
PUBLISHED: 2019-03-15
An Integer overflow vulnerability exists in the batchTransfer function of a smart contract implementation for CryptoBotsBattle (CBTB), an Ethereum token. This vulnerability could be used by an attacker to create an arbitrary amount of tokens for any user.