Virtualization Technology News and Information
enSilo 2017 Predictions: The Threat Landscape, Security Market and Cybersecurity Policy in the Year Ahead

VMblog Predictions 2017

Virtualization and Cloud executives share their predictions for 2017.  Read them in this 9th annual series exclusive.

Contributed by Roy Katmor, co-founder and CEO, enSilo

The Threat Landscape, Security Market and Cybersecurity Policy in the Year Ahead

The rise of ransomware and other threat vectors in 2016 was record-breaking and left enterprises compromised and unsure of how to protect themselves in the new era of cyber threats. Meanwhile, the push towards cybersecurity legislation pending a new administration in the U.S. has left CISOs wondering how they'll be helped or hurt in the year ahead. What's certain is that we're sure to see some drastic changes throughout the complete lifecycle of security in 2017- from evolving threats, to the business market and U.S. legislation. Here are some practical strategies and tactics to protect data in light of what's to come.


Customers will mandate the integration of both Endpoint Protection Platform (EPP) and Endpoint Detection and Response (EDR) capabilities into a single one-stop shop endpoint platform. The idea behind layering EPPs and EDRs into a single preventative first and last line of defense is that everything missed by the EPP could be later prevented in real-time EDR technologies that record all activity on the endpoint and prevent post infection consequences in real-time. Yet to-date, EPPs are missing the unknowns, and EDRs are missing preventative capabilities, and as a result preventative post-infection capabilities will be required as part of the integration. Customers are fed up with so many endpoint solutions that need to be layered on top of one another. They want the combination of an effective, manageable and preventative security solution. In fact, they will demand it in the year ahead. Organizations should demand a shortlist of purchase criteria from their endpoint security platform, including the fact that it's manageable, preventative, accurate, real-time, autonomous and frictionless with other business operations.

The Managed Security Services Providers (MSSPs) market will continue to grow as security vendors start to offer their own security services. This is already happening year after year, but in 2017, MSSPs will grow to a point where security companies will need to enable managed services for themselves or integrate and sell their products mainly via MSSPs. That's because the common enterprise can't effectively deal with today's threat landscape and the overwhelming number of resources required to keep up, particularly in the face of talent shortage, retention issues and increasing OPEX. While the issue is complex, the MSSP market will grow in 2017 because businesses will demand more from vendors on strategy for security best practices, knowledge of applicable regulations, a deep understanding of the threats, forensics and remediation capabilities.

Enterprise network security will start shifting to the cloud, whereas network security will be offered as a service. Enterprises will be relieved to consolidate that cumbersome distributed shadowed network security burden by redirecting their distributed corporate traffic and allowing cloud-based network security services to apply and manage the security policies. Just like other services that moved to the cloud decreasing costs for customers, so will network security as a service reduce the overhead cost of purchasing and maintaining multiple physical network appliances as firewalls, IPSs, UTMs, WAFs, outbound proxies and access security brokers etc.. As a result, network security vendors will start providing visibility into enterprise network traffic allowing security teams to select their respective network security services and perform quicker remediation and forensics.


The new U.S. presidential administration will push for more laws and legislature around cybersecurity, but it will be ultimately ineffective. As record-breaking breaches rise and mass awareness of cybersecurity issues increase, there will undoubtedly be a surge of legislation proposed in 2017 to attempt to mitigate the risks. Due to difficulties with enforcement and attribution, such laws will be ultimately ineffective, leaving us in the same place we started.


About the Author

Roy Katmor is currently the co-founder and CEO of enSilo. Previously, Roy led Akamai's security strategy. Before that, he managed Imperva's data security products and architecture management. Additionally, Roy held various product management and R&D leading roles at several international public and privately-held companies. Roy holds a BSc in Information Systems from the Technion, Israel Institute of Technology, and MBA in finance and business strategy from the Hebrew University. Roy is a DIY master, enjoying fixing anything from cars to home improvement.


Published Monday, January 02, 2017 7:02 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<January 2017>