In the next few years organizations will face extreme IT security challenges. Hackers are targeting humans instead of machines. All the most costly cyber attacks (APTs, ransomware) are a result of privilege misuse by employees or third-party providers, and executing a social engineering attack is easier than finding zero-days.
Traditional pattern-based perimeter defense tools, password-based authentication, and user access control solutions are necessary, but they miss a trick when it comes to detecting privileged account misuse or hijacked credentials. Once the attackers are inside the network (using legitimate user accounts to access sensitive data), their behavior is the missing link in detecting and – with real-time intervention – preventing breaches.
The importance of log management
Log management remains the base of IT security and IT management. Efficient, low-overhead implementations, which scale well both for the variety and volume of logs, will prevail. The key trend is data integration, not just to centralize log data, but also to offer it to a variety of consumers, third-party tools, and Big Data technologies.
Pseudonymization and anonymization will be important requirements for log management solutions that have to protect privacy, as the EU GDPR requires.
Focusing on the activity of privileged users, who have unrestricted access to sensitive data, will remain key in the next few years. The market needs solutions that are able to monitor all important parts of the IT system, and extract as much information from the connections/user sessions as possible – both from old legacy systems and cloud applications.
Security is the bottleneck of cloud adoption, and making public cloud environments more secure by monitoring users and third parties to detect insider threats enables organizations to move part of their data to cloud platforms.
Storing bulletproof evidence about potential incidents, and making it quickly available for audit purposes, will increase the success of forensic investigations not only by accelerating the process, but also by lowering its cost.
User Behaviour Analytics
Because of the amount of data we produce, artificial intelligence will soon grab the spotlight. Turning data into valuable information for security or business intelligence analytics can no longer be handled by human resources. Self-learning Big Data algorithms can automate data processing and enable security professionals to focus on real, high-priority risks.
User Behaviour Analytics solutions are relatively new on the market. Integrating them into the existing IT environment and making them process existing data sources will also be crucial in the near future.