10 months ago


predictions 2017 Mike

predictions 2017 Mike East, CrowdStrike: manipulation of data to remove its integrity will be significant enough to send companies under. Markus Jakobsson, Agari: further increase in hybrid attacks that exploit multiple attack vectors. much more often by cybercriminals for 'commercial' attacks - eg, ransomware and business email compromise." ALERT FATIGUE Whether a Fortune 500 company, a familyrun business or a utility company, all businesses are vulnerable and proactively sought after as attack targets, states Mike East, VP Sales EMEA at CrowdStrike. "Whether by a nation-state group, a criminal network or an independent hacker, they're all in the firing line. Yet we're moving beyond fines, damage to corporate reputation and a number of scary headlines. In 2017, the manipulation of data to remove its integrity will be significant enough to send companies under. Organisations need to be continually and proactively assessing their networks to understand how they are compromised. Too many are focusing on the 'known' bads, rather than trying to understand the threat of the 'unknown'. East points to how organisations today are exhausted by 'alert fatigue', where security professionals are cast in the role of passively reviewing tones of alert data, much of which ends up being confirmed by those humans as false positives. "This often means security teams are stuck in a reactive mode and not preventing breaches from happening. Businesses need actionable intelligence to overcome this hurdle and get ahead of the threats that could compromise their business. "Ultimately, we can't properly interpret today's threat landscape without understanding the impact of global economic developments and geopolitical events. Just because something happens miles away, it doesn't mean it won't wash up on your doorstep in the form of an attack. Intelligence needs to be added to the equation, so that we can anticipate and detect potential threats, and defend against new tactics, techniques and procedures." Dimension Data's chief technology officer Ettienne Reinecke says digital is about building truly customer-centric business models on IT, including the network, data centre, applications and other infrastructure - which may be on-premise, or cloudbased. "Today, there's no such thing as a digital strategy - just strategy in a digital world. And while the digital age is creating a degree of uncertainty for some organisations, it's also opening the doors to exciting possibilities and ushering in an era of infinite potential." Reinecke cites ownership and access to data - and metadata - as a key theme. "In the year ahead, control and ownership of data and metadata will emerge as a point of discussion - and indeed contention. That's because data and metadata are the 'gold dust' that allow organisations to glean rich insights about customer behaviour. In addition, metadata allows organisations to identify specific behavioural patterns, derive business intelligence and make informed business decisions." GROWING PROTECTIONISM As a result, organisations are becoming increasingly protective of their metadata and wary of who has access to it. "Organisations don't just want ownership and control of their data for compliance reasons: they want it to perform analytics," he adds. "We expect that this will trigger some interesting discussions between businesses and their cloud providers. For example, where are the boundaries with respect to ownership, especially around metadata? We foresee this issue resulting in a bit of 'push and pull' among the various parties." Clearly, 2017 will be as dangerous - and, yes, highly unpredictable - as any previous time. However, with the right strategies and intelligence firmly in place, enterprises can survive and thrive, embracing the exciting possibilities that Reinecke sees looming just beyond the threat horizon. 12 computing security March/April 2017 @CSMagAndAwards

MEET THE INFOSEC WORLD, ALL UNDER ONE ROOF REGISTER NOW CONNECT WITH PEERS, PARTNERS AND THOUGHT- LEADERS FIND SOLUTIONS AND PRE-EMPT PROBLEMS Everyone and everything you need to know about information security ENHANCE YOUR KNOWLEDGE & EARN CPE/CPD CREDITS FIND NEW OPPORTUNITIES TO FURTHER YOUR CAREER “InfoSecurity Europe is the highlight of the security event calendar, given the scale of the event, the vibrancy and buzz surrounding the show and the attendance of industry leading vendors and the world class speakers.” Join the region’s premier information security event featuring 360+ of Europe’s most established players & newest cybersecurity talent. Learn from our most comprehensive conference programme yet with over 160 hours of complimentary thought-leader seminars. In 2016 we opened our doors to more than 17,500 professionals all under the beautiful domed roof of Olympia, London. Can you afford not to be there in 2017? @infosecurity Mark Shutt IT Security and Assurance Manager, Secure Trust Bank REGISTER TO ATTEND AT