Cybersecurity is now a game of attack, no defense.
It’s said that the best defense is a good offense. This is particularly true in cybersecurity, where the average cost of a security breach in the U.S. is more than $200 per compromised item, according to a 2017 Ponemon Study. Considering how many data items can be at risk in the event of a breach, this could rack up quite a hefty bill. The need for proactive, rather than reactive security hasn’t gone unnoticed. Gartner predicts global IT security spending to balloon from $90 billion in 2017, to $113 billion in 2020. Here’s how businesses can stay one step ahead in a landscape of constantly evolving threats.
Build an electric security fence
The rise of the cloud, mobile, and software-defined networks has greatly increased the possible ways for hackers to breach a network. Accordingly, IT departments have been busy replacing their old firewalls, switches, and routers, with smarter, more secure devices. But clever hackers can still find cracks in these defenses, so it’s important to monitor them constantly for suspicious behavior. One way is endpoint detection and response (EDR), which monitors network actiivty on each device and logs it for further investigation and reporting. Gartner predicts this and other “active” security measures- including cloud access security brokers (CASBs) and behavorial analytics- will gain more popularity. Just as an electric fence helps keep pests out, these tools will be essential in repelling cyberattacks before they escalate into major incidents.
Beware of automated attacks
A growing number of cyberattacks are triggered not by hackers, but by everyday users who fail to recognize abnormal system behavior as security-related. Employees may be aware that they shouldn’t install a suspicious program or browser toolbar, but less obvious problems- such as a laptop slowed down by a botnet, or an unsecured network printer- will often go unreported, resulting in some attacks remaining undetected for a long time.
Improvements in technology have made it easier for botnets, and other automated attcaks, to develop and spread. The problem will only grow as an estimated 20.4 billion internet of things (IoT) devices go online between now and 2020. A crucial pushback will be smarter users. While security technology is evolving fast, it’s also vital that companies have trained their staff to recognize the telltale signs of automated cyberattack.
Use (but don’t misuse) predictive analytics
What if you could detect threats before they occur? That’t the promise of predictive analytics, which uses AI-enhanced analysis of security data to detect possibly suspicious behavior. While the technology is promising, it’s important to remember that it’s no security catch-all, and people remain the most important of the defense. It’s more likely that human and machine intelligence will join forces against cyberthreats- as demonstrated in a recent MIT study, which claimed 85 percent success in threat detection.
The growth in the could, the IoT and bring your own device (BYOD) will keep security experts busy in the years to come. But if you really want to root out the malicious attacks before they cost you time, money, and customers, you must be ready to invest in proactive security measures.