Each year, organizations increase spending on cybersecurity protection to keep their businesses, their data, and their users safe. Ovum research indicates that 2016 spending is set to exceed $37 billion.
As threat levels increase, corresponding purchase responses are made. In effect, what we are seeing is an escalation of the cybersecurity arms race, with security intelligence and analytical capabilities being utilized to map the threat landscape, identify new and recurring threats, and take action against them.
New defenses will include technologies designed to identify and address the risky actions that users are taking and the unauthorized, often cloud-based facilities they are choosing to use.
Keeping business data and users safe is a key issue. As such, there will also be far more interest in the control elements of security that define what users are allowed to do – what on-premise and cloud-based facilities and services they can and cannot use, which data resources they are allowed to access, and where that data can be kept.
In 2016, cybercrime, state-sponsored activities, and advanced persistent threats (APTs) will continue to make headlines. Social engineering that targets human frailties will continue to put business systems at risk. But at the same time, a large percentage of organizations will be breached by not-so-special, commercially available malware, whose availability at bargain-basement prices on the Dark Web has significantly reduced the barriers to entry into the world of hacking.
Therefore, detection and remediation tools that can spot all types of malware and reduce recovery timelines after a breach will continue to play an important role.
The newer elements of technology including cloud and mobile will still cause concern. Their use and interaction with other developing areas of business activity, such as shadow IT and IoT, will add to the need for improved levels of user and data protection.
Further improvements to operational defenses will be needed to deal with the evolution and growth of distributed denial-of-service (DDoS) attacks and the re-emergence of ransomware activity, both of which are targeting at-risk business systems.
Identity and access management (IAM) will continue to be the cornerstone technology for provisioning and controlling access to business systems and for building working relationships between businesses and their clients.
There will be greater emphasis on the “digital user lifecycle” in 2016 as IAM usage extends across and beyond the enterprise to support the authentication, ease-of-access, and security requirements of everyone from consumers to privileged corporate users.