Five biggest security technology trends for 2018

Looking ahead, a number of emerging IT security advances will arm organizations with the right information at the right time to help spot and mitigate potential breaches before they can occur. Here, in no particular order, are five security trends that are set to make a big impression on enterprise in 2018.   

1. Security compliance will get serious 

Regulators on both sides of the Atlantic are clamping down on security practices that put customer data at risk. In the U.S. NIST Special Publication 800-171, which comes into force December 31, 2017, will regulate the protection of controlled unclassified information (CUI) in non-federal information systems and organizations. Over in Europe, the much anticipated General Data Protection Regulation (GDPR) will ensure organizations worldwide that handle information relating to European citizens fully understand what data they have, where it is stored and who is responsible for it. These, along with stricter penalties for non-compliance, will require businesses to upgrade their data privacy controls.    

2. Advanced analytics will improve data security 

Organizations currently use a combination of security products from antivirus software and data loss prevention (DLP) tools to full-blown security information and event management (SIEM) software in an attempt to reduce data breach risk. SIEM in particular generates large volumes of data making it hard to spot information requiring immediate attention. Advanced data analytics tools will help organizations see the wood from the trees much more clearly. The growing adoption of technologies like user and entity behaviour analytics (UEBA) will enable organizations to establish stricter control over their IT infrastructures and better understand their weak points, so they can fix security holes before a data breach occurs. 

3. Tailor-made security  

The global cybersecurity market is evolving. Security vendors are rapidly expanding their range of solutions to allow them to solve similar pain points differently according to the customer’s infrastructure. With strong data protection practices in high demand, security vendors will start to offer a more personalized approach, taking into account factors like IT infrastructure size and complexity, industry and budget. A more customized approach to IT security will provide organizations with solutions that are uniquely tailored to their requirements. Smaller, more specialist software providers will win business against larger, less flexible vendors by providing offerings that are ideally suited to meet specific business needs.

4. Gartner’s CARTA approach will improve decision-making 

In 2017, Gartner proposed a new approach to security based on a continuous process of regular review, re-assessment and adjustment. Known as CARTA (Continuous Risk and Trust Assessment), the new approach is intended to replace the old fit-it-and-forget-it mantra. We can expect this approach to become more central in 2018 as organizations take a fresh look at how the mitigate cyber risks. Real-time assessment of risk and trust in the IT environment enables companies to make better decisions regarding their security posture. A good example is to grant extended access rights to users only once previous patterns of behaviour on the network have been carefully studied to show they present minimal risk of privilege abuse.    

5. Blockchain principles to be applied to data security  

An emerging approach to mitigate the increasing number and sophistication of cyber threats is to harness blockchain principles to strengthen security. With blockchain technology data is stored in a decentralized and distributed manner. Instead of residing in a single location, data is stored in an open source ledger. It renders mass data hacking or data tampering much more difficult because all participants in the blockchain network would immediately see that the ledger had altered in some way. Blockchain has the potential to be a major leap forward for securing sensitive information, especially in highly regulated industries like finance, government, health and law.