Advertisment

ServiceNow Security Predictions for 2018

The security threats and breaches of 2017 have set astonishing new records for personal data attack. Breaches impacted millions of people globally.

author-image
PCQ Bureau
New Update
security

The security threats and breaches of 2017 have set astonishing new records for personal data attack.  From WannaCry to Petya, the list of sophisticated and far-reaching breaches has been growing daily. In 2017, breaches impacted hundreds of millions of people on the worldwide level.

Advertisment

The security mission to guard, detect, and react, has remained the same for everything from IT networks and data storage to payment systems and IoT devices.

In the past ten years, a remarkable wave of technology modernization has been developed to support, protect and detect. Yet, the most uncared for the area of security is the part that can be controlled – the response. With the enlarged trend of security issues, the top management of organizations is looking into the need for intelligence and resilience to security and finding ways to tackle it.

According to a recent report, India’s IT spending is expected to grow to $ 1.7 billion in 2018 from the current $1.5 billion in 2017 including IT outsourcing, implementation and consulting services. India has embarked on a journey of digital transformation with initiatives such as the cashless economy and mandatory authentication linkage through a common biometric data platform.

Advertisment

While it is impossible to stop innovation in a country where ‘Digital India’ is getting a push, there are concerns about incorporating security right at the beginning. With the deployment of IT security solutions, enterprises need to protect their data, manage the resources and networks.

Presenting his outlook for 2018; Edgar Dias, Managing Director, ServiceNow India said, “We live in a world where security is about giving them access to right content to the right user. There is a growing need for every organization to adopt serious measures to combat security threats and maintain a balance between protection and response measures more proactively rather than reactive. Improvement in technology will come only through increased awareness amongst businesses and organizations. ”

As 2017 draws to a close, ServiceNow looks at a few top security trends to watch in 2018:

Advertisment

Prediction 1: Security “Haves” and “Have-nots” emerge.

Security teams struggle to quickly determine whether incidents are worth a response. Many organizations use dozens of security tools that create and funnel massive volumes of the signal onto the desk of the security professional. Analysts use spreadsheets and email to manage to react to this signal, and the sheer volume of alerts results in analysts spending too much time researching incidents.

In 2018, we will see security Haves and Have-nots emerge between those that begin to automate this research portion of security response and those that don’t. Companies with the tools and culture to embrace automation, and put technology to work for real business enablement, will perform better than those that don’t.

Advertisment

The Haves will be expected to report on security operations as a key part of their day-to-day business. They will have scalable processes in place and will be in a position to measure progress. Automation will help them better determine which systems to patch and when. They will respond to phishing attacks in minutes rather than days. For the Haves, this will be a point of pride.

The beauty of the Haves is that their security people will be freed from mundane and time-consuming manual research. They will have more time to focus on strategic projects that fortify the organization. This new approach extends beyond security. Automation is so effective it becomes a rising tide that lifts all ships, operating in virtually all areas of business.

Prediction 2: Security gains a seat in the boardroom.

Advertisment

Security programs are about tradeoffs and minimizing risk. To achieve greater success, security teams need to better articulate those tradeoffs by putting the risk and material consequences into business terms, fundamentally bringing security into their business strategy. CISOs need to help executives and board members understand the ROI, cost-benefit analysis, and security program tradeoffs by articulating the business risk versus business value.

In the coming year, we will see CISOs do more to present their security concepts and programs in business terms. Talking about securing data is one thing, but demonstrating the value that security offers the business is something else. This will eventually apply to every aspect of the business, but most immediately applies to regulatory compliance, potential lost revenue, customer relationships, legal liability, competition, intellectual property, stockholder loyalty and brand protection.

The boardroom needs to take a step toward security, and security operations need to take two steps toward the boardroom. Bridging the knowledge gap between security leadership and the board provides the framework to ensure effective security by helping all parties assess the risks and decide how to mitigate them.

Advertisment

Prediction 3: A breach enters our physical lives.

There is a difference between information and physical security. The breaches that plague organizations today are primarily information security violations. While painful, having credit card information, a social security number or personal digital information was stolen does not result in physical harm to the victim. In 2018, we will see a breach impact our physical, personal lives.

It might be a medical device or wearable that is hacked and remotely controlled.  Perhaps it will be an industrial IoT device or self-driving car that gets compromised.  Or something closer to home – literally.  Devices from the garage door to the refrigerator are becoming smarter and more connected. The impact of such an attack will force the government, business and individuals to take a closer look at the security of our infrastructure.

Advertisment

Prediction 4: Framework for data protection in India.

There are discussions around a co-regulatory approach that will involve the government and industry experts for governance of data protection in India.

A recent paper released on ‘data protection framework for India’ by a government-appointed committee of experts will draft a law based on seven principles — technology agnosticism, holistic application, informed consent, data minimization, controller accountability, structured enforcement and deterrent penalties. One critical element in the paper is that it stated the definition of personal data which ascertains the zone of informational privacy guaranteed by a data protection legislation.

This law will help data-driven innovations and lead citizens into a digital future.

security-threats wannacry breaches petya servicenow
Advertisment