Virtualization Technology News and Information
GigaTrust 2018 Predictions: The Security Landscape of 2018

VMblog Predictions 2018

Industry executives and experts share their predictions for 2018.  Read them in this 10th annual series exclusive.

Contributed by Harry Piccariello, Chief Marketing Officer, GigaTrust

The Security Landscape of 2018

This past year, the colossal Equifax breach impacted 143 million people, making it one of the largest breaches to date. Unfortunately, even as technology evolves to protect against threats, malicious actors continue to develop more and more advanced attacks. Here are four predictions for the major trends that will shape the security landscape in the coming year; along with tips for how organizations can protect themselves from emerging threats.

For starters, it will be business as usual. Despite major recent breaches at Equifax, Deloitte, Verizon, University of Oklahoma and other major organizations in 2017, many companies will still not take security seriously. Expect to see two or more major breaches in 2018 impacting millions of consumers. How can companies reduce the risk of a breach? They can start by monitoring the security updates impacting the systems within the organization, and hold a monthly review to make sure they are up to date.

In addition, they can go behind simple perimeter security (networking or firewalls) by using rights-management software and actively protecting data leaving the network. A good rights-management solution protects content in transit, at rest, and while in-use. For data leaving your network, employ a data-loss protection (DLP) or a cloud access security broker (CASB) in combination with a rights management solution to actively monitor and protect the information leaving your internal network.

Regulations will (finally) prompt action. Regulations, such as NIST 800-171 and GDPR, will prompt companies to examine their overall security strategy and mitigate risks to their private information. Data privacy is now more important than ever; ensuring adherence to these standards will ultimately strengthen companies' business decisions.

Organizations should start with a standard such as GDPR, and use it to put a holistic security plan in place. They should make sure to enforce authorization into systems and networks, protecting content behind firewalls or beyond in case data is stolen, and having a plan of action for how to respond to a possible breach.

The more IoT, the more opportunity for data leaks. In 2018, there will be an increased use of IoT devices by consumers and across industries. People and organizations will benefit from the additional features and increased data gathered from these connected devices. However, a number of IoT interfaces do not have robust security. There will be an increased number of data breaches or device hacks in IoT devices next year. The best advice here is to research security before making a purchase. If a device has a hidden administrative account with a hard-coded password, it may be impossible to correct. IT leaders should look for firmware updates for devices on a quarterly basis and keep up to date on possible security issues. If a device is fundamentally flawed, the best course of action may be to turn it off to mitigate a serious risk.

Lastly, cybersecurity will be built into the core of organizational culture. In 2018, more companies will adopt "security-first" thinking. Imagine a moat surrounding a castle, protecting the king, queen, and other residents from invaders. Only in this case, instead of people you have PII, proprietary files, intellectual capital, medical information, legal documents, and other information that should only be seen and shared with the people and third-parties authorized by IT. To adopt such a culture, leaders should focus on getting employees to think about security with regular awareness campaigns, simulated security attacks with phishing and other attack vectors, and improved record keeping policies to manage and encrypt key organizational data, at a minimum, at rest and in transit and ideally in use.

As we near 2018, the hope is that these tips will help pivot organizations' security thinking in the right direction. How does your company plan to prepare for 2018?


About the Author

Harry Piccariello 

Harry Piccariello joined GigaTrust in early 2007 and has responsibilities for corporate and product management and marketing, placement, pricing and promotion. Harry's career as an information technologist spans more than 30 years of progressive and multifaceted experience pertaining to software products, application services, patents, international standards and specifications, and management consulting services supporting diverse international public and private organizations.

Prior to joining GigaTrust, Harry most recently served in executive positions at Cloakware, Inc. (acquired by Irdeto), considered the world's leader for software protection and anti-tamper solutions protecting more than a billion devices of some of the largest most recognizable and technologically advanced companies. And, ContentGuard, Inc. (acquired by Microsoft, Time Warner and Thomson), a company focused on creating the worldwide standard Digital Rights Expression Language, which is embedded within the Windows OS. As an internationally recognized pioneer in the field of Digital Rights Management (DRM) and Enterprise Rights Management (ERM), Harry has worked with leading vendors and standards-setting organizations such as OASIS, ISO, IEEE, and OMA (formerly the WAP Forum) for more than 11 years. He has served as a panelist at numerous international conferences and has authored several articles on ERM/DRM within the education, multimedia, and mobile community. Harry successfully completed the Executive Management  CMO Academy program at Columbia University, Graduate School of Business, holds an MBA from George Mason University, did his post-graduate International Relations Residency - PPE at University of Oxford, Oxford, England and studied computer science at the University of Maryland, College Park.

Published Thursday, January 04, 2018 8:01 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<January 2018>