2018 cybersecurity predictions from Cyxtera
Executives from Cyxtera give us their considered views of IT security in the year ahead.
Move over Netflix: Threat analytic services on-demand has arrived
Christopher Steffen, CISSP, CISA, technical director:
“We are a world at war – and most people don’t even know it. It is not a traditional war with bombers, battleships and bazookas. Rather, it is being fought everyday by cyber soldiers, protecting governments and organisations from state-sponsored hackers and organised crime.
Unfortunately, most private enterprises and organisations do not have the resources to effectively combat coordinated cyberattacks – it isn’t their core business and information security resources are expensive and hard to come by. But the picture isn’t as bleak as it sounds.
2018 will see cybersecurity-related services dramatically increase, especially around threat analytics. In the past, only the largest companies could afford to invest in the procurement, management and maintenance of threat analytics services (TAS), but now they are becoming readily available to customers on demand for whatever purpose needed. Maybe it’s a point-in-time situation, like incident response or strategic advisory to evaluate existing infrastructure, determine regulatory compliance, or confirm the veracity of a particular security architecture.
Cyber-attacks will continue to increase. But organisations are no longer defenseless in the fight. TAS are not just for the big boys any more – every size company can take advantage of on-demand specialised services to improve their overall cybersecurity.”
- Hyper-converged infrastructure is the “Next Big Thing” in IT
Jason Lochhead, CTO:
“Over the last half-dozen years, we’ve seen massive improvements in IT scalability and efficiency. Companies are increasingly adopting both cloud and hyper-converged infrastructure (HCI) to enable further automation of their application environments. This trend will accelerate in 2018 as we continue to slim down hardware and deploy software solutions that do the heavy-lifting. HCI is an efficient, cost-effective way to integrate IT functions into a streamlined stack. The new year will usher in a new age in HCI in key areas.
According to a February 2017 survey by Harvard Business Review, the top two leading drivers behind increased cloud or hybrid cloud usage by companies of all sizes are business agility/flexibility and reduced costs. Given the demand, it stands to reason that HCI vendors will make it easier to leverage clouds, especially for workload mobility and disaster recovery.
Organisations will easily move applications from data centers to clouds. They will shift them on a real-time basis to the most optimal resource. This approached opens up many more options when it comes to cost, location, and performance.
As HCI becomes more pervasive, we’ll see continued improvement in the ease of platform management. One of the biggest selling points of HCI is simplicity. HCI vendors will continue to make it easier to deploy and operate their platforms, particularly when it comes to lifecycle management. Upgrading and patching will resemble a phone or laptop experience. Updates will download automatically and be applied with little or no disruption.
Another impending trend is the majority of HCI systems will be all-flash rather than hybrid configurations. The cost of flash has dropped while density has continued to improve. That combined with de-duplication and compression has made all-flash preferable to spinning disk, in terms of price and performance in most cases.
Finally, the HCI vendor landscape will consolidate. There are a few top players in the HCI market and many smaller companies vying for a share of the business. The ecosystem will start to consolidate via acquisition or changes in strategy.”
- From coffee pots to connected cars: IoT security moves from myth to reality
Holland Berry, director of solutions architecture:
“There is no crystal ball required to predict the continued and exponential growth of IoT devices in 2018. According to our friends at Intel, the number of these smart objects that have some sort of network connectivity will top 200 billion by 2020. Yep, that means each one of us humans will own an average of 26 of these ‘Things’ by the end of this decade.
While we all love the benefits and convenience of this new world of smart stuff, connected devices have the potential of becoming unintended soldiers in the new digital battlefield. Security, in most cases, has been an after-thought, if even a thought at all, during the design of connected devices. This makes them an extremely easy target to compromise, even for a junior hacker.
In 2018, we will see a new wave of security solutions that are custom tailored to ensure healthy communications to and from our IoT devices. I anticipate that we will see growth in modern zero-trust security architectures, such as Software Defined Perimetee, which will deliver IoT-specific border controls.
These tightly controlled (and monitored, of course) borders around our devices, combined with multi-factor authentication and strong encryption, will stave off the hackers and let our coffee pots and toasters keep their day jobs.”
- Software-Defined Perimeter security goes big in the gig economy
Paul Campaniello, SVP Marketing:
“The gig economy is on the rise. It’s estimated to account for 34% of the workforce today and is expected to increase to 43% by the year 2020. Professionals are opting for freelance versus full-time contracts and employers are benefiting. Yet, the gig economy introduces cyber security risks for employers.
Workers are no longer are sitting at their desk in a single location, accessing the corporate network behind a firewalls and IPS/IDS devices. The network perimeter no longer exists. Piles of hardware, aka fortress-building, is ineffective and expensive.
As the gig economy explodes, users have become the new perimeter, working from wherever they have internet access. This shift in the workforce requires a dramatic change in how cyber security professionals secure networks. User access must be granted based on context, such as identity, environmental factors and infrastructure. Further, individuals need to authenticate first and connect second every time they want to access the network.
A Software-Defined Perimeter provides this deep level of granular access on-premises and in the cloud. It ensures the same level of scrutiny is applied to each device and every would-be user, whether they are employees, contractors or trusted third parties. As the gig economy explodes, so too will Software-Defined Perimeter cyber security solutions.”