Following a year of damaging security incidents at organizations ranging from the US Office of Personnel Management to Canada’s Ashley Madison web site, security experts at Unisys Corporation (NYSE: UIS) predict that leading security professionals around the world will adopt a new mindset in 2016, embracing advanced approaches such as micro-segmentation to counter increasingly sophisticated attacks by cyber criminals.
“Corporate and government leaders understand that as their enterprises have grown beyond their four walls and threats have moved from concept to reality, their whole approach to security must change now,” said Tom Patterson, vice president of global security, Unisys. “In 2016, corporate leaders will take the actions needed to protect themselves in this new reality.”
Regarding Colombia and Latin America specifically, the escape of data from the data center leads the list of concerns. “A phenomenon that we observe is the growing handling of data outside of what are considered secure environments such as data centers. With the growth in the use of mobile devices and cloud systems, and more recently the arrival of the Internet of Things, critical data is every day more dispersed,” Unisys’ security practice leader for Latin America Leonardo Carissimi told Finance Colombia. “The data has left the data centers and is now found in our streets, airports, restaurants, and homes. Where there are people, there is a smartphone, and many of those contain critical data that needs protection. Companies need security strategies that are both simpler and more effective, that bring protection to any of those environments: data centers, the cloud, mobile devices, the Internet of Things, etc.”
Rogue intelligence officers, machine-controlled physical attacks, and the rise of quantum computing will demand new approaches such as micro-segmentation and quantum encryption.
Consequently, Patterson predicted the rise of a new security approach that embraces micro-segmentation, which allows enterprises to easily and economically divide their physical networks into hundreds or thousands of logical micro-networks, or microsegments. Such an approach understands that adversaries will ultimately infiltrate an organization, but limits the damage they can do once they’re in, making the difference between a routine cyber incident and a business catastrophe.
Patterson predicted additional new developments in 2016, including new security threats from rogue intelligence officers; cyberattacks that result in physical destruction; and the rise of quantum computing threatening encryption-based defenses.
Prediction: Rogue intelligence officers will use government-owned spy capabilities for their own purposes.
Many of the state-sponsored attacks that have been attributed to governments around the world are actually executed by state employees motivated by their own ideological issues without government authorization.
In 2016, Unisys predicts that rogue intelligence officers will emerge as a separate threat category that business and government organizations will need to monitor and control in a different way than they would for a state-sponsored attack.
Prediction: Cyberattacks meet the physical world – with potentially fatal results.
Up until now, the worst thing that could happen to a machine under cyberattack would be “the blue screen of death.” Now, attackers can control machines, which means they can crash your car, stop someone’s heart, black-out your city, or destroy public infrastructure. With many of these devices built on old open systems, integration of modern security is critical to our lives and livelihood.
Unisys predicts that enterprises will see the real world results of this in 2016 as digital and physical worlds collide.
Prediction: Expect a massive ramp-up in the arms race around quantum encryption.
Today’s cyber criminals looking to circumvent encrypted communications are limited by the inability of modern computers to calculate a long encryption key. But with the impending advent of quantum computers, able to break down encryption in seconds, enterprises will need more advanced encryption approaches to thwart criminals.
“I believe that businesspeople worry more and more about their IT security. The budgets of our customers have grown in recent years. The thing is, it never seems to be enough. There is always the risk that some criminal will find a breach and be able to steal data or cause damage. The budgets, even though they are growing, are not infinite, and no company can guarantee that it is 100% secure, no matter what they invest,” said Carissimi.
He continued: “This afflicts the security managers, who perceive their efforts never seem to be enough. For that , we have presented our customers with a distinct focus. They can’t continue to invest their entire budgets in new tools that only intend to keep criminals out, one part of this should be investing in guaranteeing the resiliency of the company for the day when the criminals are able to successfully breach the company’s defenses!”
In 2016, Unisys predicts a significant increase in enterprise funding and R&D investments in developing quantum encryption as a means to counteract the advent of quantum computers.
“Although many threats loom in 2016, security professionals also have an arsenal of new countermeasures like micro-segmentation,” Patterson said. “This will be the year we start changing the playing field and shifting the advantage back to the good guys.”