Virtualization Technology News and Information
Qualys 2016 Predictions: Survival of the Secure-est

Virtualization and Cloud executives share their predictions for 2016. Read them in this 8th Annual series exclusive.

Contributed by Wolfgang Kandek, CTO of Qualys

Survival of the Secure-est

2015 was another huge year for data breaches. We saw cyber attacks go up both in number and in the scale of data affected, and yet this past year is only a training session for 2016. In the upcoming year, IT teams will be forced to deal with more data, more devices, more patterns and, as a result, more threats. Adding to this risk will be the continued rise of the Internet of Things (IoT), which adds huge numbers of devices to IT networks, as well as the ever-limited supply of skilled security professionals. Below I'll dive into my top-line security predictions for 2016, as well as how organizations can be best equipped for the threats to come.

IoT and an all-connected world

IoT has already added huge numbers of devices to IT networks, meaning that we are confronted with more security and event data than ever, making it harder to find the relevant bits. In addition, there is the new concept of personal IoT, where new network devices are introduced in a person's own environments, eventually connecting to an organization's networks. These devices all come with their own vulnerabilities. We've already seen examples of this in fitness trackers and teapots.

The most basic way to limit attacks through personal IoT reach is to have a guest network for these devices where end-users can connect freely. This prevents bleed-over from IoT to an enterprise network and eliminates these additional attack vectors. Also, use features such as access point (AP) isolation to make sure that devices are sheltered from each other and encourage users to keep their corporate machines off the guest network.

Moreover, in 2016, I suspect that overall automatic patching will eventually come to IoT, as we are already seeing the impact of not preparing for these scenarios: take Jeep's latest headlines, for instance, and contrast that with those of Tesla. The advantages of automated patch rollouts have been visible in the phone ecosystem for years. It's only a matter of time before the "Internet of Cars" (along with all other "things") picks up the same pace.

Continued security skill shortage

Despite growing concerns over cyber security, in 2016 we will continue to see a shortage of skilled security personnel. Companies will be forced to cross-train their employees and engage with outside providers for security training, such as the SANS Institute and others.

In addition to local training, cloud computing is the best way to lessen this shortage. By shifting to cloud computing, such as running an enterprise resource planning (ERP) system in the cloud, the majority of security processes (e.g. OS patching, DB patching, secure OS/DB configuration) will be automatically handled. IT can then focus on high-level issues such as account creation and access control.

Even more attacks, but not through mobile devices

Contrary to what some IT security vendors may be predicting, I do not see mobile being the next big security target of 2016. While they have their issues, iOS and Android are immensely better than traditional computing endpoints when it comes to commercial malware. On the client side we will continue to see PCs and laptops being the primary targets, offering attackers the greatest return on investment.

At Qualys, our data analytics see drive-by exploits and vulnerabilities taking center stage in 2016. Exploits and malicious toolkits or exploit-kits are already on the rise for drive-by attacks, which have become the de facto choice for infecting large numbers of machines. In addition to applications like Flash and Java, which are currently targeted, we will see an increase in attacks on legacy browsers such as Internet Explorer.

So how can organizations stay ahead of increasingly sophisticated cyber attacks? Current security solutions are a patchwork of often incompatible technologies, where organizations have piled technologies one on top of another, each addressing one specific threat. It is time to reorganize and protect all endpoints, on premises or on the Internet. Organizations need to adopt a continuous view of their assets and their security. I see the use of multiple technologies converging in a single platform as the only logical choice, where active scanning and mobile agents bridge all environments into a coherent picture.

Best of luck out there!


About the Author

Wolfgang Kandek, CTO of Qualys

As the CTO for Qualys, Wolfgang is responsible for product direction and all operational aspects of the Qualys platform and its infrastructure. Wolfgang has over 20 years of experience in developing and managing information systems. His focus has been on Unix-based server architectures and application delivery through the Internet. Prior to joining Qualys, Wolfgang was Director of Network Operations at the Online Music streaming company and at iSyndicate, an Internet media syndication company. Earlier in his career, Wolfgang held a variety of technical positions at EDS, MCI and IBM. Wolfgang earned master's and bachelor's degrees in computer science from the Technical University of Darmstadt, Germany.

Wolfgang is a frequent speaker at security events and forums including Black Hat, RSA Conference, InfoSecurity UK and The Open Group. Wolfgang is the main contributor to the Laws of Vulnerabilities blog. 

Published Thursday, December 10, 2015 6:30 AM by David Marshall