Cybersecurity was definitively in the spotlight for 2015. From the server room to the board room and every hallway in between, everybody was talking about hacking, breaches, and vulnerabilities. So what does all this chatter portend for 2016? At Anitian, we have been thinking a lot about what is coming next year. Here are Anitian’s top ten cybersecurity predictions for 2016.
1. Fall Out
We all know this is coming, we just do not want to admit it. The 2016 cybersecurity fall out will be painful. It is when business leaders stand up and “that’s it, we have had enough of this nonsense, fix it or get out of here!” What this means is that security practitioners, technology makers, and service providers will need to start showing some real, tangible value. Slick marketing will no longer be enough.
Perhaps most jarring fall out of all, is the unceremonious termination of CISOs who cannot protect their businesses. The board rooms are fed up with talk, they want action.
2. Slow Steady March Toward Security Analytics
The era of the “best of breed” point product is over. The trend of unification which began with NGFW/UTM will continue unabated as the market marches toward unified Security Analytics platforms.
In 2016, we will see the first truly unified analytics platforms start to emerge. Palo Alto and Sophos have already released endpoint products that integrate with their NGFWs. Others will follow.
Cisco is intensely focused on building their “detect anywhere, defend everywhere” solutions. Raytheon, Blue Coat, IBM, RSA, and others are also in this game. However, there is a darkhorse candidate here, who could really shake up the cybersecurity industry, again.
3. Symantec Awakens
The past few years have not been kind to Symantec. The most consistent thing Symantec has produced in the past three years is groans of disapproval from analysts, investors, customers, and employees.
We are done groaning. Symantec will roar back to life in 2016. Symantec has a zillion dollars in cash and ample energy. We predict there will be a flurry of acqusution activity at Symantec with a whole new strategic vision.
If Symantec buys a SIEM company (like Spunk or ArcSight) look for it to go after a NGFW as well. Juniper is absolutely ripe for the picking right now. Symantec wants to be a player again, not just an antivirus renewal processing company. We implore Symantec management to go big, go loud, go wild, and go all the way. Your time is now. Either seize this moment, or go the way of CA.
4. CyberSecurity Insurance Fights Breach Fatigue
Breach fatigue is setting in with many executives. With each passing breach, leaders become desensitized the threats and dismissive of their cybersecurity operations. Cybersecurity liability insurance is set to take off in 2016 as a tonic to executives cyber-fatigue.
While insurance seems like a quick solution to the vexing problems of information security, insurers are getting wise to this. Not only are they increasing their premiums due to the massive payouts they see in the news, they are also spicing up their policies with specific language that requires the insured to maintain certain security controls and certification.
5. AWS Dominates
We are biased on this prediction. Having worked with the AWS teams on the PCI compliance workbook and our forthcoming HIPAA workbook, we have unique insights into AWSs operations. That much said, we are impressed at how AWS is not only leading the way in cloud hosting, but also cloud security. Many of AWSs new features are specifically targeted at improving security, such as their key management and hosted Active Directory. While Anitian is not privy to any secret plans, we predict AWS will not only continue to dominate the cloud hosting market, but continue adding security capabilities increasing the value of their platform.
If you want secure hosting in 2016, AWS really is the only place to go. Azure, RackSpace, Firehost and all the others are largely avoiding security, or trying to side-step around it with very narrow compliance coverage.
6. Managed Intelligence Takes Off
Managed security has grown nicely over the past ten years. However, with increasing pressure to protect the business and dwindling personnel resources, savvy CISOs are expecting a lot more from their managed security providers. They do not need another entry-level analyst babysitting their firewall. CISOs want intelligence, not remote hands.
The market for managed threat intelligence will take off in 2016. Anitian saw this trend years ago and began building our Sherlock Managed Threat Intelligence Services as a response to this trend.
7. Dying Tech
Not everybody will have a great 2016. Email security, web application firewalls, and mobile security will all see a slower 2016. These are security technologies that are commodizing and/or getting enveloped into other offerings. Cloud email like Office 365 and Google has eliminated the need for a stand alone email security product. Web Application firewalls are getting absorbed into application delivery platforms. And mobile security, quickly became a commodity product with minimal differentiation among the vendors.
8. ISO 27001 Comes of Age
The ISO 27001 standard has been around for over ten years. Only recently has it begun to gain wider acceptance as a compliance standard in the USA. Expect to see more companies adopting and demanding this standard next year.
9. There Could Be Cyberwar
Many of us at Anitian are skeptical of cyberwar (even though we love Richard Stiennon’s book There Will Be Cyberwar) The rationale is that cyberattacks lack the impact of more traditional (and deadly) warfare. However, in the past year some of our team has begun to back off this skepticism. Anitian has been involved in a number of projects where there was pretty clearly some foreign involvement.
This year will be different. 2016 is a big election year for the USA. This is a prime time for nation-states, terrorists, or hacktivists to get attention. We have already seen the beginnings of this, with Anonymous targeting Donald Trump’s presidential campaign. Moreover, if there is anything we learned from the big Office of Personnel Management, the government is not very good at protecting information systems.
The big question is will this “Black Swan” event amount to cyberwar? That depends on the scope, impact, and sophistication of the attacks and the intention of the attackers. Regardless, the rising global threat levels increase the likelihood of 2016 seeing a significant cyberwarfare event.
10. Identity-Based Security Arrives
One of the most significant indicators of compromise in every data breach is some form of credential theft or abuse. It amazes us how identity and rights management is still a messy and poorly organized aspect of security.
Part of the reason for this is that, the traditional IdM market has seen very little innovation. Big players like Courion, Oracle, and Microsoft do okay with single-sign on and federation, but the market for those capabilities is dwindling.
In the past year or so, the IdM space has begun to change. We predict that 2016 will be the year for whole new crop of identity-based security products to take off.
First, there are the privileged identity management and password vault products, such as CyberArk, Thycotic, and BeyondTrust that use brokering and automated account and key management. Second, there are the identity analytics products which monitor account usage and access, such as Fortscale, RSA Via, and Securonix. And lastly, there is cloud access brokering, such as Sky High Networks, Bitglass, and Elastica, which provide security and access controls around cloud applications.
These technologies are all poised for big growth in 2016. Not only have they matured to mass acceptance, but they also can have a profound impact on reducing the likelihood of a breech.
While 2016 may not see huge tectonic shifts, like 2014 did with the Target breach, it will still be exciting. Cybersecurity is no longer relegated to the dark basement of business. We are in the board room now, and it is time we show results.
Have a safe, happy, and secure 2016 everybody.