After the proliferation of Stuxnet, Duqu in 2012 and other Scada-focused attacks in 2013, industrial control system security will become an important topic in 2014, writes Robert Newby . Large-scale processes involving multiple sites over long distances will be increasingly subject to advanced persistent attack.
As the adoption of cloud technologies increases exponentially in 2014, customers will find a greater requirement for encryption and key management technology. As this increases in scope, businesses will find there are limitations in the reach of current technologies, and will look for ways to extend this to their clients at greater scale, without losing control of their security environments.
The traditional corporate perimeter will disappear as this adoption increases, enabling a more dispersed workforce and client-base, but new perimeters will appear around information in different silos, requiring more classification and asset tagging. We will see the rise of technologies before the end of 2014 that focus on tagging data to protect itself, or creating virtual environments/perimeters that data cannot move outside. The issue will be how to keep this data protected, once it leaves the corporate-controlled environment.
Big data will continue to create its own security solutions and issues. As more big data systems are created to process data at scale, the metadata being produced will acquire greater value than the original data store. This data will need to be protected at source. 2014 will see security systems which rely on processing logs on global scales, implemented similarly to the key management technologies above. This will create further concerns about where this processed data is being stored and who has visibility.
Robert Newby is an analyst and managing partner at KuppingerCole UK.
Read more on security priorities for 2014
This was first published in December 2013