In our 2011 CyberSecurity predictions, we forecast that technologies such as biometrics and sophisticated monitoring applications would move to the forefront of the security discussion. As organizations worked to mitigate an ever-growing array of risks from cyber crime to cargo bombs, we predicted that organizations – particularly government agencies, financial institutions, and airports – would invest in advanced identity and credentialing and secure supply chain systems.
In addition, as cyber crime grows more sophisticated and IT infrastructures become more complex, we predicted organizations would take a more holistic, integrated approach to security across the enterprise. Organizations would increasingly work to integrate their myriad physical and digital systems into single-pane dashboards that enable them to better monitor security threats across their organization and manage overall compliance requirements.
In 2012, we expect that organizations will continue along this trajectory in an effort to integrate their CyberSecurity operations into a proactive enterprise security intelligence methodology that can deal with a wide range of potential threats and vulnerabilities. These threats are primarily driven by the increasing sophistication, frequency and scale of cyber crime, and the rise of mobile devices and mobile applications as the preferred “new desktop” fueled by the Consumerization of IT. In addition, the ongoing security and sensitive data protection issues related to the mainstream adoption of cloud and social computing, and the increasing regulatory environment will drive organizations to embrace a proactive security model based on advanced event correlation capabilities.
In this proactive approach, hybrid (physical and cyber) security operations models will employ dedicated analysts coupled with advanced data analytics gathered from an array of sensors to predict and remediate emerging threats before they cause significant damage. The key aspects of this proactive enterprise security intelligence methodology are the integration of an array of sensors such as intrusion detection, malware and antivirus detection, and data loss prevention coupled with continuous compliance capabilities, forensics and situational awareness all built into the operational model. The focus will be on proactive techniques and intelligent analytics in order to reduce the cycle time between threat detection and remediation. Another step organizations will take will be to follow a defense-in-depth approach and create protected silos within their data operations to prevent access to sensitive information in cases where their network perimeters have been breached.
Notably, as disruptive trends such as cloud, mobile and social computing make the enterprise security perimeter increasingly porous, we expect CIOs and CISOs to employ other disruptive trends such as big data and smart computing to help tighten their defenses. We expect that big data-style intelligent analytics techniques will be increasingly applied towards fraud detection in financial services as evidenced by some of our recent client work and that advanced data visualization will be increasingly applied to help dedicated analysts identify patterns representing emerging threats to business operations.
An additional focus for 2012 will be on continued cost savings and standardization through consolidation of security systems such as access control and video surveillance particularly in global organizations with a diverse and geographically dispersed amount of infrastructure.
Overall, we anticipate organizations will continue to mature their CyberSecurity frameworks and capabilities whilst at the same time consolidating key systems for cost savings and standardization. The savings applied through consolidation will then be able to be re-directed towards hardening the CyberSecurity perimeter.