2. Shadow IT poses an ever-increasing threat to data protection

What organisations don’t know about their operating environments is one of the fastest-growing threats to those operations. First up: shadow IT, the internal use of hardware and software that is not declared to technology teams. Consider the use of personal data storage accounts for company data, or SaaS that is evaluated, purchased and used without the knowledge of IT teams.

If technology leaders are unaware of what’s in use on their networks, it rapidly becomes difficult to counter security threats and to maintain regulatory compliance. The Internet of Things (IoT) presents a similar problem: the total installed base of the Internet of Things (IoT) connected devices is projected to amount to 75.44 billion worldwide by 2025. A significant amount of these devices are uncatalogued and uncontrolled.

It is essential to uncover shadow IT while closely monitoring IoT use, and cataloguing devices where possible. However shadow IT and IoT is so pervasive that a watertight approach is almost impossible, so enterprises need to take a holistic approach. You need to obtain complete environment visibility, establish strict access control, and implement security monitoring to detect suspicious events.

3. With a new breed of phishing, cyber hygiene is increasingly necessary

A mix of user awareness and effective anti-spam systems have rendered classic phishing schemes ineffective, but attackers have adjusted, smartening up and making attacks more personal. The result is that while phishing attack volume has reduced, phishing has become more targeted.

Notably, targeted phishing aka spear phishing is responsible for 95% of successful enterprise cyberattacks, according to the SANS Institute. Spear phishing involves a manipulative email that is targeted to a specific employee, often at senior or CXO level. Just as with classic phishing attempts, targeted attacks aim to steal credentials or data often as part of a larger attack.

It is challenging to counter the intensive reconnaissance, preparation and emotional language used by attackers. However, user education is paramount, including the promotion of cyber hygiene practices and the introduction of the preventive processes where users report suspicious emails for a fast response. Furthermore, security features, including multi-factor authentication and authorisation that requires the involvement of multiple individuals, can help.

4. An adaptive approach to security will remain at the forefront of discussion

With growing threats from uncontrolled IoT and from more intelligent attack strategies – including advanced persistent threats (APTs) – traditional “prevent and detect” approaches are no longer relevant. Therefore, the mindset of many organisations is shifting towards an adaptive security approach for continuous monitoring and remediation.

Typical cybersecurity defences used to involve setting up a strong perimeter to prevent attacks, alongside rules-driven security including signature-based detection methods. However, companies no longer fully control their technology perimeter thanks to cloud migration, amongst other factors.

Instead, an adaptive approach to security involves pervasive monitoring and the ability to anticipate attacks by using machine learning and AI. Responses must change too, by incorporating a strong post-incident breakdown that leads to policy changes and improved preparedness. A re-think around prevention is required, while companies must also build attack containment strategies.

5. AI, ML and automation will drive the analytical approach to security

Gartner predicts that, by 2020, 40% of large organisations will have established a “security data warehouse” to support advanced security analytics.

With AI automation, you can boost the efficiency of security teams and respond to incidents faster. It becomes much easier to tune and train your algorithms using your data, use cases and scenarios for reviewing and responding to alerts. AI can support security operation centres in decision making and threat hunting, facilitating risk assessment and threat modelling.

Intelligent cybersecurity measures can act as horizon scanners, monitoring networks and flagging emerging threats. Automated cybersecurity is also less error-prone while delivering response times that are far faster than human experts can achieve.

Keep your organisation ahead of cybersecurity threats

Comprehensive, effective cybersecurity requires an extraordinary degree of non-stop coordination, continuous awareness and in-depth security knowledge. Even large enterprises can struggle to keep ahead of changing, morphing cybersecurity objectives day in, day out.

Involving a security partner is key, not only to build on existing knowledge but also to freshen up thinking, stepping outside of cybersecurity groupthink. ELEKS offers an unbiased, informed evaluation of your enterprise processes, products and systems to industry standards, with compliance in mind.

Our security team will help you implement the advanced, automated security controls that ensure that your business is resilient in the face of an endlessly changing cybersecurity landscape. Contact us today!

ESET Benefits from Hiring a Flexible QA Team and Assessing IT Security Risks

View Case Study