​Stop just collecting security data and start using it better in 2016: Ovum

A rapid increase in spending on security solutions suggests that businesses are spending their way into a "cybersecurity arms race" that will see them leaning heavily on security analytics and threat-intelligence capabilities in 2016, research group Ovum has predicted while warning businesses not to be too impressed with solutions that prioritise collecting large volumes of data over analysing it.

Businesses will spend more than $37b on security solutions in 2016, the firm forecasted in its 2016 Trends To Watch analysis, which noted that cybersecurity teams had increased in organisational stature with their "mandate to protect businesses and users". This will see security organisations getting more proactive about implementing tools to identify the "risky actions that users are taking" and to ferret out unauthorised 'shadow IT' applications and services. This includes implementation of blanket access-control environments – including cloud access security broker (CASB) technology – that can control what resources users are and aren't allowed to access, when and from where.

While advanced persistent threats (APTs) and state-sponsored hacking will continue to make headlines in 2016, Ovum believes continued use of mass-marked commercial malware – available at "bargain-basement prices" that have significantly reduced the barriers to entry for would-be hackers – will pose an even more significant everyday threat for most organisations. The continuing onslaught of ransomware and distributed denial of service (DDoS) attacks, in particular, will require "further improvements to operational defences" in companies with at-risk business systems.

Although threat-intelligence platforms will play a significant role in bulking out these defences, organisations need to shift their focus in 2016 from building platforms that just amass large quantities of security-related information, and instead to focus on the actionable intelligence they can produce.

Companies "should not be impressed by the amount of threat data their security vendors can provide," the analysis warns, "even if it implies that the data is comprehensive. So far, the emphasis has been on the easier data gathering option [but] little of this data can be made into useful intelligence unless there is relevant and actionable context.

"2016 should be the year when actionable information is turned into genuinely useful threat intelligence," it adds, noting that security organisations need to achieve "trusted partner status.... Discussions should always focus on the prioritisation of threats that are relevant to the business, its operations, and its assets."

Ovum also forecasts a strong role for identity and access management (IAM) technologies, which have matured considerably in recent years and have become what the firm calls a "cornerstone technology" for provisioning and controlling access to business systems. The coming year will, Ovum's analysis concludes, see a greater analysis on the "digital user lifecycle" – mediated by a robust IAM framework and enhanced by continued improvements to tools that already exist in the market in one form or another.

The existence of such tools adds to the impetus for IT-security decision makers to embrace security technologies and build them into all forward planning – particularly if companies are looking to take advantage of the Internet of Things (IoT), in which case they should "think security from day one" and mandate that all endpoint and network security tools be equipped to secure such an environment. This mandate, as part of the effort to build the digital user lifecycle into corporate security practices, is likely to change procurement relationships and approaches. Those organisations that would be most successful in this change would, in turn, be best positioned to leverage their increasingly responsive security practice into a corporate information asset.

Tags security datathreat-intelligencedistributed denial of service (DDoS) attacksloud access security broker (CASB) technology

Show Comments