Virtualization Technology News and Information
Article
RSS
Nucleus Cyber 2020 Predictions: Insider threats will continue to threaten in 2020

VMblog Predictions 2020 

Industry executives and experts share their predictions for 2020.  Read them in this 12th annual VMblog.com series exclusive.

By Dr. Steve Marsh, VP of Product, Nucleus Cyber

Insider threats will continue to threaten in 2020

Insider threats will continue to compromise organizations in 2020. Companies in every industry, especially those highly regulated with massive amounts of data (healthcare, financial services, etc.), remain at risk.

Some frontrunner reasons for this lack of security in the security business include:

  • Threat surfaces change faster than the security industry can keep up.
  • Phishing attacks increase in complexity with every attempt.
  • Unknowing, as well as unscrupulous, insiders jeopardize security 24x7.
  • Power, money and digital assets are desirable and lucrative.

The new cyber-norm for IT will center around adaptability, flexibility, data-centric security and speed-to-resolution. Following are key insights to keep in mind when planning security strategies and tactics for 2020 and beyond.

Identity must be paired with data security

In 2019, identity became "the new perimeter," as CIOs realized that, due to the adaptive nature of threat vectors, they can't solely focus on securing the network. The notion of "impenetrable castle walls" quickly crumbled with the acceptance that securing the perimeter may slow someone down, but won't prevent sophisticated hackers from breaking in.

Once inside, the cybercriminal's strategy is pretty straightforward: find a weak link with compromised credentials and steal them to gain unfettered access. 

One way companies have tried to prevent this risk is by requiring users to regularly change passwords. With the average person having 90+, IT quickly realized that password changing is a faulty strategy (users struggle to create with new password combinations, patterns become traceable, etc.). Companies will not be putting a lot of stock in that approach.

Instead, CIOs are advised to expand multifactor authorization (MFA) tactics and build new technologies into multifactor identification, like virtual smart cards and MS Authenticator Wrap. Even new identity management tools, like the ones that target suspicious behavior upon login, are helping the shift toward MFA standards to ensure the individual logging in is, in fact, the authorized individual to log in.

Collaboration tools are fueling the insider threat fire

A multilayered approach means not putting all the proverbial security eggs into one basket (i.e., a defense in depth strategy that is network and/or location-based). Success of a security infrastructure transformation is going to be a direct result of the CIO's, and IT department's, ability to quickly adapt, remain flexible and focus on data-centric security measures that prioritize identity as the new perimeter.

Continuing with the defense in depth reference, that approach has to evolve to split up protection to systems, user identity and data assets. The risk of threats extending deep into the data layer when multiple tools are leveraged must be managed in the context of compliance regulations, as well. The rapid adoption of Microsoft Teams for collaboration is a good example of a coveted vault targeted from every direction.

Data-centric protection will mean understanding what every single user "looks like" in order to authorize access to the system and then clearly define what they can do within the platform once inside. Secure collaboration must be at the core of a 2020 enterprise.

##

About the Author
 
Dr. Steve Marsh
 
Dr. Steve Marsh is the Vice President of Product at Nucleus Cyber and brings more than 20 years of product experience to Nucleus Cyber from Microsoft, Metalogix, start-ups and academia. He drives product management and product marketing to deliver first class customer experiences, strategic product roadmaps and key go to market messaging. Steve holds a PhD in Microelectronics and Materials Physics, and lives in the Pacific Northwest with his family.
 
Published Monday, January 27, 2020 7:41 AM by David Marshall
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
top25
Calendar
<January 2020>
SuMoTuWeThFrSa
2930311234
567891011
12131415161718
19202122232425
2627282930311
2345678