Ce diaporama a bien été signalé.
Nous utilisons votre profil LinkedIn et vos données d’activité pour vous proposer des publicités personnalisées et pertinentes. Vous pouvez changer vos préférences de publicités à tout moment.

Security Trend Report, 2017

1 220 vues

Publié le

Purpose: The slides provide an overview on the I.T. Security trend
Content: Summary information about the I.T. Security marketplace, including trends drivers, spending trends, industry business cases, and adoption challenges. Also included are links to additional resources.
How To Use This Report: This report is best read/studied and used as a learning document. You may want to view the slides in slideshow mode so you can easily follow the links
Available on Slideshare: This presentation (and other Trend Reports for 2017) will be available publically on Slideshare at http://www.slideshare.net/horizonwatching
Please Note: This report is based on internal IBM analysis and is not meant to be a statement of direction by IBM nor is IBM committing to any particular technology or solution.

Publié dans : Technologie
  • Soyez le premier à commenter

Security Trend Report, 2017

  1. 1. Note: This report is based on internal IBM analysis and is not meant to be a statement of direction by IBM nor is IBM committing to any particular technology or solution. Welcome to the new era of cognitive security Sonya Gordon, Market Development, Senior Advisor - IBM Security Bill Chamberlin, Distinguished Market Intelligence Professional, MD&I HorizonWatch February 15, 2017 Security Trend Report, 2017
  2. 2. Note: This report is based on internal IBM analysis and is not meant to be a statement of direction by IBM nor is IBM committing to any particular technology or solution. About This Trend Report 15Feb2017  Purpose: The slides provide an overview on the I.T. Security trend  Content: Summary information about the I.T. Security marketplace, including trends drivers, spending trends, industry business cases, and adoption challenges. Also included are links to additional resources.  How To Use This Report: This report is best read/studied and used as a learning document. You may want to view the slides in slideshow mode so you can easily follow the links  Available on Slideshare: This presentation (and other Trend Reports for 2017) will be available publically on Slideshare at http://www.slideshare.net/horizonwatching  Please Note: This report is based on internal IBM analysis and is not meant to be a statement of direction by IBM nor is IBM committing to any particular technology or solution. 2 Security Trend Report, 2017 (External Version)
  3. 3. Note: This report is based on internal IBM analysis and is not meant to be a statement of direction by IBM nor is IBM committing to any particular technology or solution. An overview of the IT Security trend Drivers Security Spending  Growth in endpoints from mobile to wearables to IoT devices  Increased threats from malware, cybercrime, Phishing, & bots  High profile security breaches are damaging brands  Rise of virtualization & cloud which separates data user and data owner  Mobile employees want access anytime, anywhere  Increased focus on Corporate risk management, governance, compliance.  Increased focus on identity services - trusted, privacy- enabling, shared and easy-to-use identities Inhibitors/Challenges  Security is a barrier to cloud adoption, mobile, and IoT  ROI is still not a true value of measurement of security investment  Keeping up with BYO-everything  Increasing complexity of security environment  Skill gaps Key Insights 15Feb20173 Implications  Increased pressure on the CISO role to manage risk end-to-end across entire organization and every endpoint, every network connection  Increased need for skilled security professionals and service providers  Compliance requires continued investment  IT must understand implications of key trends such as cloud, mobility, social, big data, IoT, etc.  Encryption behind the firewall becomes a necessity  Biometrics continues to be an emerging technology that can be embedded into mobile solutions to enhance information security  Cognitive computing applied to security is an increasingly attractive solution In today’s data-driven, highly distributed world, there are serious threats that must be addressed head-on. New complexities and challenges are arising every day. Companies are looking for an integrated system of analytics, real-time defenses and expert resources to defend networks, systems and data. Security Trend Report, 2017 (External Version)
  4. 4. Note: This report is based on internal IBM analysis and is not meant to be a statement of direction by IBM nor is IBM committing to any particular technology or solution. Trends to watch within Security for 2017 “Worldwide revenues for security-related hardware, software, and services will grow from $73.7 billion in 2016 to $101.6 billion in 2020. The largest category of investment will be security-related services, which will account for nearly 45% of all security spending worldwide ” IDC Market Trends 15Feb20174 Other views on 2017 Trends • Fortune: Here's How Much Businesses Worldwide Will Spend on Cybersecurity by 2020 • eWeek: 8 Predictions About How the Security Industry Will Fare in 2017 • INC: How Cyber Criminals Will Weaponize the Internet of Things in 2017 • NetworkWorld: 5 cybersecurity trends to watch for 2017 • Information Age: 10 cyber security trends to look out for in 2017 • O'Reilly: 4 trends in security data science for 2017 1. Increased Pressure on CISOs. IT security programs are under more pressure than ever before. Corporate Boards want to know that security risks are being minimized and that programs are legally defensible. 2. Services in demand. Security services, especially professional services, contribute the most revenue in the market. Network security is a large segment and Mobile enterprise management will generate the strongest growth. 3. Focus turns to “Response and Remediation”. It’s very difficult to prevent attacks so more focus is being shifted towards post-attack analytic-powered solutions that identify the attacks as they happen and minimize the resulting damage. 4. Growth in SIEM, IAM, mobile security and services. Expect increased demand for security identity and event management (SIEM), Identity and Access Management (IAM) as a Service and mobile payment security in 2017. “60% of enterprise information security budgets will be allocated to rapid detection and response approaches by 2020.” Gartner Security Trend Report, 2017 (External Version)
  5. 5. Note: This report is based on internal IBM analysis and is not meant to be a statement of direction by IBM nor is IBM committing to any particular technology or solution. Trends to watch within Security for 2017 (continued) “The intelligent digital mesh and related digital technology platforms and application architectures create an ever-more-complex world for security. The IoT edge is a new frontier for many IT security professionals creating new vulnerability areas and often requiring new remediation tools and processes that must be factored into IoT platform efforts.” Gartner Market Trends 15Feb20175 5. Edge of IoT devices and apps create new security revenue opportunities. The increased security risk of IoT over pure IT systems remains a key challenge for IoT implementations. Enterprise look to consultants for help. 6. Enter cognitive security. Intelligent cognitive solutions generate recommendations for improved security in real time. As a result, cognitive security will help address the current skills gap, accelerate responses and help reduce the cost and complexity of dealing with cybercrime. Due to the increasing scale and complexity of threats, cognitive research is quickly intersecting with cybersecurity 7. Demand increases for SECaaS. Customers are choosing cloud-based security services for improved flexibility and scalability of security functions. Expect interest in incident response services (e.g., detection and remediation) and SIEM as a Service in 2017. IBM: Security Immune System (Infographic) Security Trend Report, 2017 (External Version)
  6. 6. Note: This report is based on internal IBM analysis and is not meant to be a statement of direction by IBM nor is IBM committing to any particular technology or solution. Trends to watch within Security for 2017 (continued) Market Trends 15Feb20176 8. Security Intelligence Event Management (SIEM): Demand for SIEMs in 2017 will go beyond simple log collection/correlation to include more advanced analytics, such as behavioral analytics. 9. Identity Access Management (IAM). The transformation to digital has accelerated the requirement for IAM capabilities, including both employee and consumer identity management as well as an increased focus on identity management for all devices and endpoints in the Internet of Things (IoT).. 10. Mobile security: As mobility security services begin to mature, more demand for blended managed and hosted security mobility services. Success depends on a combination of people, process, and technology 11. Managed Services. Enterprises increasingly expect a flexible blend of managed and hosted security services as well as varying levels of monitoring and management for different areas of their business. “The 2017 threats predictions run the gamut, including threats around ransomware, sophisticated hardware and firmware attacks, attacks on “smart home” IoT devices, the use of machine learning to enhance social engineering attacks, and an increase in cooperation between industry and law enforcement.”- Security Magazine 451 Research: 2017 Trends in Information Security CIO: 2017 Security Predictions Security Trend Report, 2017 (External Version)
  7. 7. Note: This report is based on internal IBM analysis and is not meant to be a statement of direction by IBM nor is IBM committing to any particular technology or solution. Six emerging security solution trends to watch 1. Remote Browser: Isolates the browser from the rest of the endpoint and from the corporate network, reducing the potential damage of malware 2. Deception: The use of deceit and/or feints designed to throw off an attacker and disrupt their automation tools, delay their activities or disrupt breach progression. 3. Breach Simulation Tools: Use threat actors and a understanding of the network to continuously assess infrastructure and apps for potential to be breached 4. Hunting Techniques: Advanced analytics, machine learning and technologies that allow data analysis and pivoting to seek out incidents 5. Intelligent Security Operations Center (ISOC): Go beyond events-based monitoring and traditional defenses. It has an adaptive architecture and includes context-aware components 6. Cognitive Computing Security Technologies: Due to the increasing scale and complexity of threats, cognitive research is quickly intersecting with cybersecurity. Companies will look to deploy analytics-driven, machine learning-based security decision support systems and technologies. “Built upon security intelligence, cognitive solutions generate not just answers, but hypotheses, evidence-based reasoning and recommendations for improved decision making in real time. As a result, cognitive security will help address the current skills gap, accelerate responses and help reduce the cost and complexity of dealing with cybercrime.” IBM Market Trends 15Feb20177 IBM: The IBM Security Immune System (brief) “When choosing the appropriate platform for threat hunting, look at specific elements of automation, how they incorporate various data sources, and their ability to identify and correlate patterns and to fully investigate and uncover adversary activity.” SANS Security Trend Report, 2017 (External Version)
  8. 8. Note: This report is based on internal IBM analysis and is not meant to be a statement of direction by IBM nor is IBM committing to any particular technology or solution. Trends to watch within selected vertical industries Market Trends 15Feb20178 • Retail. The significant and widely publicized breaches at large retailers continue to raise awareness and demand for security spending. Retailers put pressure on their OEM partners, including point of sale (POS) manufacturers, and suppliers to invest in security controls. In 2017, look also for an increased focus on fraud solutions and PCI compliance activities. • Healthcare. Healthcare is the #1 industry for records compromised. Because medical records cannot be cancelled like credit cards, they have a high value to cybercriminals. Breaches against healthcare providers are frequently attributed to highly organized, well-funded criminal organizations, compelling healthcare companies to expand their advanced threat detection projects. The focus in 2017 will be on data security and compliance. • Banking. The biggest security challenge for banking customers is assessing the security capabilities of their third-party business partners. Privacy, security and compliance when it comes to data are the top concerns. To decrease risk of attacks that originate in third parties’ infrastructures, banks will increase spending on products and services that help them monitor the security postures of third parties. • Telco. Telecommunications operators are increasingly targeted by hackers and hacktivists that aim to disrupt phone and Internet service for millions of consumers and businesses. While most operators have established strong security controls, they still face significant risks in their supply chains, including partners’ security infrastructure sourced from manufacturers in different countries. “As the intersection of personalization, privacy and security grows ever more complex, the challenge for retailers to protect their consumers’ sensitive information from the standpoints of both privacy and security intensifies.”- IBM Healthcare IT News: Top 10 cybersecurity must-haves for 2017 IBM: Security Trends in the Retail Industry Security Trend Report, 2017 (External Version)
  9. 9. Note: This report is based on internal IBM analysis and is not meant to be a statement of direction by IBM nor is IBM committing to any particular technology or solution. Staffing shortages, lack of analytics capability and international security laws inhibit adoption  Security staffing shortages. Nearly two-thirds of organizations worldwide report challenges hiring skilled IT security professionals. Security staffing shortages are especially pronounced in the U.S., where demand for security professionals will grow by 53% through 2018.  Lack of Analytics Capabilities. Many firms just are not collecting and managing the data that would allow them to perform the analytics that can help them identify threats and then reduce the average incident response and resolution time.  International privacy and data location regulations. There are hundreds of different laws around data collection, processing and transfer as well as breach notification in different countries, making it difficult for organizations to execute a security strategy that will be acceptable in all regions. “Detection must be able to identify changing use patterns; to execute complex analysis rapidly, close to real time; to perform complex correlations across a variety of data sources ranging from server and application logs to network events and user activities.” BI-Survey Big Data Security Analytics: Infographic Adoption Challenges 15Feb20179 TrustWave: 57% of IT Security Professionals Struggle to Find Talent CIO: 4 critical security challenges facing IoT Security Trend Report, 2017 (External Version)
  10. 10. Note: This report is based on internal IBM analysis and is not meant to be a statement of direction by IBM nor is IBM committing to any particular technology or solution. Selected Analyst Information and Resources Featured Links 15Feb201710  451 Research: Security  Forrester: Security Research  Frost & Sullivan: Cyber Security  Gartner: Digital Risk and Security  TBR: Security  IDC:  Security Products and Services  Security Research  Search for IDC Security Gartner: Top Security Trends for 2016-2017 Forrester: WEBINAR: Dive Deeper Into The Forrester Wave™: Digital Risk Monitoring, Q3 2016 Security Trend Report, 2017 (External Version)
  11. 11. Note: This report is based on internal IBM analysis and is not meant to be a statement of direction by IBM nor is IBM committing to any particular technology or solution. Selected Media Websites and Other Resources  CIO.com: Security  ComputerWorld: Security  eWeek: Security  IDG Enterprise: Security  InformationWeek: Dark Reading  InfoWorld: Security  Network World: Security Research Center  VentureBeat: Security  Wired: Security 15Feb201711 Reuters: CIA unveils new rules for collecting information on Americans Featured Links InfoWorld: Security “According to Forrester, 58 percent of breaches are caused from internal incidents or with a business partner’s organization. And 55 percent of attacks are originated by an insider as cited in the 2015 IBM Cyber Security Intelligence Index.” CIO How to eliminate insider threats Security Trend Report, 2017 (External Version)
  12. 12. Note: This report is based on internal IBM analysis and is not meant to be a statement of direction by IBM nor is IBM committing to any particular technology or solution. Selected IT Vendor Websites & Resources  Accenture: Security Services  Amazon Web Services: Security and Compliance Center  Booz Allen: Cyber Solutions  Cisco: Security  Deloitte: Cyber Security Services  Google: Application Security  HP: Security  IBM: Security and Security Software and Chief Information Security Officer  Microsoft: Security  Oracle: Security  PWC: Cybersecurity  RSA: Security  SAP: Security  Tata Consultancy Services: Security Services  VMware: Security  Wipro: Security IBM: Security Redbooks 15Feb201712 “In a world where privacy has become a competitive differentiator for multi- national organizations, businesses must increasingly work with their general counsels and chief privacy officers to understand global data privacy requirements, implementing controls that protect personal data accordingly.”- Christopher Sherman, Forrester Analyst Featured Links Security Trend Report, 2017 (External Version)
  13. 13. Note: This report is based on internal IBM analysis and is not meant to be a statement of direction by IBM nor is IBM committing to any particular technology or solution. Selected Social Media Sites and Searches  Facebook Security page  Google Blog Search: Cybersecurity  Google+ Communities Search: Security  LinkedIn Group Search: Security  IBM IBM Security Intelligence  Pinterest Search: Information Security and Cybersecurity  Slideshare: IT Security and Information Security and Cybersecurity  Twitter: Search on hashtags: #security / #cybersecurity / #infosec  YouTube:  Information Security Playlists / Channels  CyberSecurity Playlists / Channels  Wikipedia: Information Security and CyberSecurity Information Security playlists YouTube 15Feb201713 Featured Links Security Trend Report, 2017 (External Version)
  14. 14. Note: This report is based on internal IBM analysis and is not meant to be a statement of direction by IBM nor is IBM committing to any particular technology or solution. IBM Resources and Links ibm.com links • IBM Security: www.ibm.com/security/ • Cognitive Security • Cloud Security • Mobile Security • Solutions • Products • Services • News • developerWorks: Security • x-Force: X-Force • IBM Redbooks: Security IBM Social Media Platforms • Social Aggregator: Security • Community: IBM Security Intelligence • Twitter: @ibmsecurity and @ibmxforce - hashtags: #ibmsecurity and #infosec • Blogs: Security Intelligence Blog / X-Force / CISO Corner • YouTube: IBM Security • LinkedIn Group: IBM Security 15Feb201714 IBM: Step up to the Cognitive Era with Watson for Cyber Security “Cybersecurity is more than an IT concern, it requires engagement from across the business. However, many executives are either unclear on the risks or not sufficiently engaged in threat management.” IBM: Cybersecurity perspectives from the boardroom and C-suite Featured Links Security Trend Report, 2017 (External Version)
  15. 15. Note: This report is based on internal IBM analysis and is not meant to be a statement of direction by IBM nor is IBM committing to any particular technology or solution. More Insights on Technology Trends are Available 15 Other slide decks in this 2017 Trend Report series have been posted to Slideshare You are also invited to check out the following IBM websites and resources – IBM Academy of Technology – IBM Institute for Business Value – IBM Research and Research News and 5 in 5 – IBM’s THINK blog – IBM Think Academy on YouTube 15Feb2017 Security Trend Report, 2017 (External Version)

×