Rising Security Priorities: 5 Security Trends To Watch

By Michael Fimin, CEO and co-founder, Netwrix

Over the past eight years major IT industry shifts have demanded attention and budget. Hot topics that have dominated the IT conversation have included unstructured data governance, network monitoring, threat detection, virtualization, new cost-effective approaches to infrastructure management, and backup and disaster recovery solutions that help restore sensitive information in case of data loss or theft. These topics have changed the way IT manages and protects their environment, but even more where they place their resources and time.

Now, a new set of IT priorities are emerging with issues around security rising quickly to the top. These trends, with security at their core, will shape budgets, change priorities, and influence resource allocation in the years to come. Solutions providers in this security-sensitive time need to consider the following five industry trends. They are likely to dominate IT conversations into next year and beyond.

1. Account hijacking spreads panic. Even advanced protection is not a panacea against sophisticated cyber-attacks. Instead of contriving new ways to compromise an organization’s security mechanisms, hackers simply target administrator credentials. Hidden threats posed by insider misuse make enterprise-level visibility into activities of privileged users more important than ever. This helps discover threats across all levels of IT environment and mitigate data-related risks.
    
2. The cloud offers identity management. Cloud providers continue to upgrade their technology, focusing not only on cost-effectiveness and scalability, but heavily investing in security services. Offering more flexible access management models, providers help their customers establish more advanced security controls than companies can normally provide on-site. This makes cloud options more attractive to midsized businesses and, partially, large enterprises more likely to deploy hybrid cloud models while storing some of their data on-premises.
    
3. Security as an important part of MSP. Entrusting data and services to MSPs could be challenging and may increase security risks and compliance violations. When selecting a managed service provider, businesses need to verify the chosen provider can create infrastructure that is highly secure by default, ensure continuous compliance, and provide a viable disaster recovery plan.
    
4. Virtual environment needs security too. The adoption speed of virtual environments is impressive. About two-thirds of organizations worldwide already use virtualization, and a significant number have plans to join them next year. The rapid spread of the technology, its growing importance for businesses, and increased security threats pose the question of advanced protection. Companies still underestimate the importance of virtual environment security, but the trend has started to change as more organizations are planning to invest in virtualization security in the nearest future.
    
5. “Wetware” is the weakest link in cyber security chain. The human factor remains the prominent threat in terms of IT security. No matter how strong companies’ internal controls are, even employees’ slightest mistakes can cause serious data breaches. Experts agree one of a few truly effective strategies for overcoming potential threats is building a risk-aware culture across all levels of the organization. It is extremely important to convince employees that IT security is everybody’s job, not an external burden on IT departments.

Security will remain one of the most high priority topics in the coming year. Specifically, enhanced visibility into cloud and virtual environments, advanced protection of privileged accounts, and protection from the human factor, possibly the worst pain point of any company, will rise to the top of the IT conversation. As these issues affect internal workflows, enterprise organizations and their partners will be forced to look for additional security mechanisms to help eliminate the threats and risks that may impact business productivity or continuity.

Michael Fimin is an accomplished expert in information security, CEO and co-founder of Netwrix Corporation, the IT auditing company, providing software that maximizes visibility of IT infrastructure changes and data access.