It’s December, the holidays are upon us, and it’s that time of the year for the proverbial “2017 predictions” blog. Not to be left out of all the fun, we went around to a few of our resident industry experts here at Stealthbits to get their opinions of what trends will emerge in the New Year within the world of cybersecurity. Check out what they had to say:
“Let’s face it – right now in 2016, there’s a shortage of good cybersecurity talent. And unfortunately, it might not get much better in 2017. Organizations need to and will start creating new ‘corporate brands’ to help attract top talent. This means giving high-level security folks the opportunities they want, such as:
By providing a work environment that is challenging and rewarding, companies will have a much easier time winning and retaining top security talent.”
“I’m always surprised to see how often organizations allow their unstructured data to be unprotected when it accounts for about 80% of their total data. This leaves them exposed to tremendous risk. In 2017, companies can close this gap by returning to the basics of security.
The first step is gaining visibility into their unstructured data. This includes who has access to it and what they are doing with that access. Armed with this information, they can establish a Data Access Governance program to limit the amount of unstructured data, as well as access to it.
Step two is obtaining visibility into Active Directory and Windows Operating Systems. This is to ensure that all passwords, configurations, and settings align with security best practices. That can mean removing inappropriate access rights in Active Directory and fixing improperly configured systems so attackers can’t obtain the privileges needed to seriously compromise credentials, data, and resources.”
“It’s estimated that 82% of attackers compromise victims within minutes. It just takes one compromised account for an attacker to get into the network, move from system to systems to steal credentials, and obtain Domain Admin privileges that allow them to easily steal data. Companies are starting to realize they can’t afford to wait days, weeks, or even months to uncover these attacks.
In 2017, utilization of UEBA solutions will become much more widespread. By leveraging UEBA, organizations can quickly detect these abnormal activities that indicate compromise, often in real-time. This will lead to quick remediation and greater overall security posture.”
“Thinking about IAM, DLP, PIM, and SIEM, it seems like security has recently become a dizzying alphabet soup of acronyms. The fact is, most organizations employ one of more of these solutions and they represent significant IT investments. The problem though is they aren’t integrating their capabilities to create an end-to-end security program.
To accomplish this in 2017, companies need to fully leverage their technology investments. This means reducing access to sensitive data, monitoring and enforcing appropriate use of privileged accounts, and detecting abnormal behavior or other signs of a breach.
However, this can’t be done alone. These solutions need help. This will come in the form of tools designed to greatly enhance their capabilities. For example, taking IAM and extending it into unstructured data, while being able to monitor security groups providing access to sensitive data for membership changes sourced from a DLP solution, all the while monitoring privileged accounts for unauthorized authentications sourced from a PIM system. And to tie a ribbon around it all, feeding only the most relevant data into SIEM to reduce noise generated by native logs.”
“Next year organizations will not only put a lot of resources into beefing up their security infrastructure but also into educating employees on best practices. How often have you seen someone leave with their computer unlocked when they go to lunch or use an embarrassingly weak default password? Don’t even get me started on employees that copy sensitive information onto easily lost USB flash drives.
To educate them, companies must create their own internal security programs. They can incorporate concepts as simple as:
Once these basics are established, you can then move on to more sophisticated measures, like multi-factor identification or using a Privileged Identity Management vault to access passwords used for critical systems.”
Nate is a Web Marketing Manager at Stealthbits and has worked in the IT Security industry for over 7 years.
Proper data security begins with a strong foundation. Find out what you're standing on with a free deep-dive into the security of your Structured and Unstructured Data, Active Directory, and Windows infrastructure.Read more