alphaspirit - Fotolia
Security has become a board room issue and shows no sign of being shifted off the agenda with the need to combat threats keeping the subject firmly at the forefront of customer minds.
There is plenty of ancedotal evidence to support the move by customers to take security more seriously but there is also some weight being added to that from Fujistu, which has just issued its 2017 predictions.
The vendor has outlined a few trends it expects to be prevelent in the market next year, including the ongoing discussion of security in board meetings.
Mark Stollery, managing consultant, enterprise & cyber security at Fujistu, said that IT security was not something that could be just left to a couple of experts in a business.
"CxOs may not care about IT as such, but they certainly care about the business goals it helps to deliver. No longer can they ignore the problem of cyber security or dismiss it as ‘something for the IT guys’. 2017 will be the year that Boards will finally come to see IT security as a critical business risk, will review it regularly, and will want to discuss it in language they understand," he said.
"Organisations will need to equip senior IT staff to bridge the communication gap, by understanding the needs of the Board and striving to talk their language. This is a major shift in mindset, and is likely to require a deliberate and well-structured programme of training," he added.
The other prediction that should get the channel pricking their ears up, because it should create some revenue opportunities, is the growing demand from large corporations to inspect their supply chains' data security.
"There is often a stark gulf between what organisations expect of their suppliers and the contractual obligations they impose on them. As awareness of cyber security risks grows, we are starting to see global businesses seek demonstrable proof of data security competence from key professional advisers such as law firms, accountancy practices and business consultancies," said Stollery.
"The biggest clients are well placed to insist on good data security as a condition of placing their business with such advisers, and it is a trend which we believe will only grow long into 2017 and beyond," he added.
The vendor also expects curation of data will become an issue for all organisations, resilience and recovery will become commercial differentiators and poor routine IT practices will still cause the most avoidable harm.
Fujitsu is not alone in doing some crystal ball gazing and others have also been looking at what could be happening in the short-term.
Fortinet has also come up with a list that warns of the growing dangers around IoT as the number of connected devices grows plus the ransomware problem is expected to become more focused with high profile attacks in 2017.
“The expanding attack surface enabled by technology innovations such as cloud computing and IoT devices, a global shortage of cybersecurity talent, and regulatory pressures continue to be significant drivers of cyber threats. The pace of these changes is unprecedented, resulting in a critical tipping point as the impact of cyber attacks are felt well beyond their intended victims in personal, political, and business consequences," said Derek mankey, global security strategist at Fortinet.
"Going forward, the need for accountability at multiple levels is urgent and real affecting vendors, governments, and consumers alike. Without swift action, there is a real risk of disrupting the progress of the global digital economy," he added.
Check Point's view of 2017
Check Point has also made some predictions about just what we can all expect next year:
1. Mobile: As attacks on mobile devices continue to grow, we can expect to see enterprise breaches that originate on mobile devices becoming a more significant corporate security concern.
2. Industrial Internet of Things (IoT): In the coming year, we expect to see cyberattacks spreading into the Industrial IoT. The convergence of informational technology (IT) and operational technology (OT) is making environments more vulnerable, particularly the operational technology or SCADA environments. These environments often run legacy systems for which patches are either not available, or worse, simply not used.
3. Critical Infrastructure: Critical infrastructure is highly vulnerable to cyberattack. Nearly all critical infrastructure, including nuclear power plants and telecommunications towers, was designed and built before the threat of cyberattacks.
4. Threat Prevention: For enterprises, ransomware will become as prevalent as DDoS attacks, the prevention of which is a cost of doing business. Given ransomware’s success, enterprises will have to employ a multi-faceted prevention strategy, including advanced sandboxing and threat extraction, in order to effectively protect their networks.
5. Cloud: As enterprises continue to put more data on the cloud, providing a backdoor for hackers to access other enterprise systems, an attack to disrupt or take down a major cloud provider will affect all of their customers’ businesses. There will also be a rise in ransomware attacks impacting cloud-based data centers. As more organizations embrace the cloud, both public and private, these types of attacks will start finding their way into this new infrastructure, through either encrypted files spreading cloud to cloud or by hackers using the cloud as a volume multiplier.