The Changing Face of IT Security

As the IT security landscape continues to grow and change, Benny Czarny, CEO and Founder of OPSWAT, shares his thoughts on the current state of the industry, and what he expects to see in the future.

Protect and prevent is just as important today as it was 10 years ago. Because traditional protection and prevention methods are not able to detect 100% of threats 100% of the time, the last decade has seen the industry expand to include more technologies focusing on the detection and mitigation of threats. Some companies are choosing to distance themselves from traditional solutions and while we are seeing more marketing around detection and mitigation, it simply cannot replace protection and prevention; the methods must be used in parallel. As an industry we can't suddenly just abandon the protection and prevention methods. If we do, the amount of detection and mitigation to do on any network would be staggering.

Security expectations have changed with the advent of BYOD. At this point in the data security environment most people are aware that a single installed antivirus system is not enough to protect a given endpoint. Ten years ago, IT security companies were more confident that their single security system would be able to prevent all types of viruses and malware that could pose a threat to the company. Today there is less expectation for IT teams to prevent all threats, with the responsibility of protecting the organization's cyber security much more on the individual than the IT security pros. BYOD (Bring Your Own Device) is one such example of this shift in responsibility. Ten years ago, BYOD was nowhere near as popular as it is today. We are now the managers of our own devices and, as such, the responsibility for the security of these devices is more on the individuals. The responsibility of IT Security will take on more of a central role, with solutions that provide IT Administrators with central visibility of BYOD and unmanaged devices becoming more important.

Antivirus is not dead! Despite many reports to the contrary, antivirus is definitely not dead. Traditional forms of antivirus are still highly effective at detecting known threats, which continue to be a big problem. If we were to remove all antivirus technologies from all machines, the amount of outbreaks would be catastrophic. We will however see a rise in the use of multiple antivirus engines in order to increase detection rates and thwart attempts to bypass certain antivirus vendors.

The traditional staples of security are still necessary investments for CIO's. Web security, email security and antivirus form the staples of security for all organizations and are just as relevant today for CIO's as they have been in the past. What we are seeing now though is a change in how the CIO's budget is allocated for these technologies. One trend we are seeing is antivirus technologies being included for free; for example the latest Exchange server and Office 365 both come with basic security features that may be sufficient for some CIO's. Looking back 10 years ago, antivirus was not included in most operating systems and therefore organizations had to invest separately in those types of technologies. With typical networks now being made up of roughly 50% Windows, 30% Mac and 20% other BYOD—the homogenous corporate network is largely a thing of the past, so while it is still necessary for the investment of these traditional staples to be there, it just may not be to the magnitude that we have seen in the past.

CIO Investment Priorities
Image via 2015 Gartner CIO Agenda Report

IT security providers need to be more innovative to be successful. With traditional security measures becoming more commonplace, and in many cases free, IT security providers need to remain innovative in order to achieve success. Companies that are able to develop innovative technologies will continue to grow and expand the number of organizations adopting their technologies.

High-profile hacks should be used to inspire improvement. The industry has been bombarded with high-profile attacks and data breaches, over the last 2 years especially. Attacks like the Sony leak serve to emphasize that security systems are still a vital aspect for every organization. With no single security solution being enough to address all attacks, it has also raised awareness about the importance of defense-in-depth. By emphasizing the weaker points within the industry, it serves as inspiration for the market and global IT governance to lift their game and continue improvements across the board.

Sources for Confirmed Data Breaches in 2014
Image Via Verizon Data Breach Investigation Report 2015

No system can ever be completely secure. But that doesn't mean we should stop trying! There is always something: a machine being hacked or an employee targeted to exploit a process or human behavior. As an industry we need to focus more on how to reduce those risks and mitigate them to the lowest point possible.

Targeted attacks will continue to increase over the coming years. Fuelled by an increase in cheap tools to create malware as well as the plethora of personal information that can be found online, we are already beginning to see an influx in targeted attacks which will only continue to grow in the coming years. We should also expect more web security threats, data security threats and mobile attacks, with security companies themselves being targeted more frequently. Attacks on critical infrastructure, such as financial systems and power stations, will also rise.

With the IT industry constantly changing and evolving, it is vital for everyone within the industry to stay ahead of the game in order to prevent hackers from gaining further ground. By using the past as a guide and continuing to look to the future, everyone from industry experts to end users will be able to keep themselves as safe as possible.