If the past two decades could be summed up in one word, it would be innovation. From the IoT to mobile applications, the axiom that the only constant is change rings true. The evolution of the digital landscape has made a dramatic impact on cybersecurity, with organizations tasked with maintaining security and compliance in more complex and technologically diverse environments. Keeping track of those changes and what they mean for information technology is a necessity.
Perhaps the biggest change is that cybersecurity has gone from being an afterthought to an increasingly larger part of business discussions. The effects of this change can be felt throughout the modern enterprise, from secure coding practices to CISOs playing a larger role in executive board meetings.
Regulatory compliance mandates and awareness of data breaches have led to companies baking security into their products and services more than ever before. Even the push to fill the cybersecurity talent gap, which is expected to rise to 1.8 million unfilled jobs by 2022, can be traced to growing awareness that cybersecurity needs to be taken seriously.
What’s Going on Today
One of the biggest drivers of security spending is regulatory compliance, and with the General Data Protection Regulation (GDPR) in effect, companies are paying close attention to its impact. While the dust is still settling, it is clear the penalties attached to failing to comply are driving security spending for affected organizations both large and small. Fines aimed at GDPR violations have already hit Facebook and Google.
Internally, this fear has led organizations to pay more attention to the data they process and store as well as improved data hygiene practices. The benefit of this goes beyond compliance; better data hygiene enables companies to draw more accurate insights from their data and can potentially impact everything from marketing to sales to business operations.
As security has become top of mind for enterprises, security technologies have advanced to meet the demands of an increasingly digitally-connected world. Gone are the days when signature-based antivirus and network firewalls were enough. Protecting modern businesses requires ingesting, processing, and analyzing massive amounts of data — from threat intelligence to network traffic anomalies to unauthorized application login attempts.
This reality has spurred the maturation of machine learning capabilities for security applications. Machine learning enables tedious tasks like event correlation and analysis to be increasingly automated, saving time and enabling indicators of compromise to be quickly identified. This makes it a critical piece for the most effective security solutions.
Machine learning is not a cure-all solution, however, as human analysts are best suited to determine the amount of risk posed by a given threat or anomaly and how best to remediate it.
There will continue to be pressure on organizations to find and retain talented cybersecurity professionals. Achieving that will require businesses to offer not only competitive salaries and benefits, but also challenging and stimulating environments where security is valued by the organization’s leadership.
Inevitably, the security needs of enterprises will evolve to keep pace with their market and their competitors.
The explosion of IoT devices has forced the security industry to contend with an increasingly interconnected environment. As the need to manage and protect these devices arise, there will be more pressure on IoT vendors to build security and strong authentication into their products. In addition, work on security standards for IoT will need to continue as more business and consumer adoption occurs.
The growing number of services offered in the cloud will continue to have a similar effect, forcing business to come to grips with unifying protection across hybrid, on-premises, and cloud environments. Marrying security with cloud products and services in this environment is simply good business. With the continued growth of machine learning, it is likely that it will be used to bolster security for the cloud as well.
Necessity is the mother of invention. What is certain, is that the awareness of cybersecurity will continue to push the innovation and adoption of security solutions focused on protecting data and maintaining compliance as technology continues to transform today’s businesses.