It’s seems like just a few short weeks ago we were ringing in 2014, but here we are, facing the end of the year. As we get closer to 2015, experts in all industries are making predictions for the New Year — and identifying the trends to watch.
The world of IT security is no different, and there are certainly some major trends that are worth keeping up with as we move into the next year. With more and more businesses moving to the cloud, mobile technology slowing no signs of slowing down, and the consumerization of IT now a reality, the world of security has shifted markedly from where it was even a few short years ago — and for more changes to come in 2015.
Trend #1: Increased Employee-Based Breaches
Currently, experts suggest that just over half of all security breaches can be traced back to employees. With their increased levels of access and in-depth knowledge of corporate networks, it’s simply easier for employees to cause breaches, either accidentally or on purpose. In fact, the Department of Homeland Security recently issued a report noting that disgruntled employees actually present a significant risk to national security, as a number of recent high profile breaches have been linked back to employees who deliberately sabotaged their employer’s networks.
As a result, expect to see a great deal more attention paid to employee access and acceptable use policies, with more companies restricting who can access what, how they access it, and from where. In addition, more companies are expected to move toward a “zero-trust” environment, in which all network traffic is logged and scrutinized, to prevent employees from even accidentally creating the opportunity for a breach.
Trend #2: Increased Mobile Security
The BYOD trend is not going anywhere, and more employees than ever expect to be able to work on the go using their mobile devices. At the same time, even non-business mobile users are beginning to recognize the growing dangers in the mobile sphere and are demanding more security.
Businesses will develop more comprehensive mobile device management plans and invest in security solutions, while individuals will begin exploring more options for protecting their mobile devices from malware and viruses.
Trend #3: Cloud-Based Security
Cloud computing has been on the trends list for several years now, but one of the major factors that holds some companies back from cloud deployment is security. In 2015, look for more companies to not only move to cloud-based solutions, but also to turn to cloud-based security. Research firm Gartner predicts that by the end of 2015, at least 10 percent of all enterprise security products to be offered on a cloud-based platform. In addition, look for an increase in security solutions designed and built specifically for the cloud, rather than traditional applications being adapted to a cloud environment.
Trend #4: Managed Security Services
In the wake of a number of high profile — and costly — data breaches, many companies of all sizes are realizing that they do not have the skills and tools necessary to protect their network assets fully. Thus, many are turning to third party service providers who can provide higher levels of protection.
This doesn’t mean the end of in-house IT security teams, but in-house teams will be better equipped to handle multiple priorities, including mobile deployments, cloud-based servers, breach detection, and future planning with the help of the data protection company.
Trend #5: Increased Encryption and Two-Factor Authentication Deployments.
If there are two trends that are guaranteed to take the security world by storm in 2015, it’s these two. Again, thanks to high-profile breaches, companies are realizing that they need to do more to keep data out of the hands of hackers. Encryption isn’t anything new, but companies are now expanding their encryption policies to cover data in storage, in transit, and while in use in applications.
In addition, companies are better controlling access to sensitive data by implementing two-factor authentication. It’s becoming increasingly clear that the traditional username and password form of authentication is no longer adequately protecting data, as there is any number of ways that hackers can successfully collect login credentials. By shifting to a multi-factor authentication model that requires users to provide an additional element such as a token or a code, companies can more effectively thwart unauthorized access.
Of course, no one knows for sure what 2015 will bring, and new developments and technologies could completely change the security landscape. But for now, keep an eye out for these trends, and how they will play out in the next 12 months.
