Current industry trends in information technology and security include 5G connectivity and security risks, real-time detection emerges to tackle new security treats, unified cloud security platforms, endpoint management, and responsible AI.
1. 5G Connectivity and Security Risks
- According to a projection by Ericsson at the end of 2019, there were an estimated 10 million 5G users. This includes mobile phone users, IoT endpoints users, and every other 5G connectivity-supporting internet-enabled computer users.
- 5G is the fifth generation of technology for cellular networking. 4G will only achieve speeds of about 1 GB per second; however, there isthe potential for 5G technology to reach 100 GB per second, which is 100 times faster than 4G.
- According to the same report by Ericsson, this huge rise in use leads to a “3x increase in global mobile data traffic” per month by the end of 2024. Sadly, where “there’s more data, there are more threats.”
- Data traveling via 5G networks could be as innocuous as surfing on social media, “but it could also contain confidential patient information or vital business analytic.” Either way, securing huge, ongoing data transfers, would require considerable “efforts to secure and protect large swaths” of data.
- 5G is fantastic from a user’s viewpoint, ensuring that more individuals in more places will send huge files “across global wireless networks with low latency and minimal performance impact.” This raises a couple of questions from a security standpoint on new infrastructure, Nation-states, and IoT endpoints.
- IoT endpoints, for instance, “are going to boom as connectivity increases. These devices may operate in homes, offices, or factories and require numerous security mechanisms to prevent breaches and lateral movement exposure. In some cases, single IoT endpoints with a vulnerability have been undisclosed for far too long, letting hackers feast while the issue is covered up. Other flaws have allowed a single endpoint to compromise an entire family of endpoints.”
2. Real-time Detection Emerges To Tackle New Security Treats
- An advancement of detection technologies is being driven by emerging threats and a mutual security obligation between cloud service providers and companies.
- Providers of cloud services such as AWS, Google, and Microsoft have a constantly evolving relationship with their clients. This creates a need for accountability for multi-layered, mutually-owned defense. “Both parties are responsible for separate aspects of cloud security.”
- “Cloud providers remove the prevention layer and all you’re left with is detection and response,” said “Nabil Zoldjalali, a senior cybersecurity technology manager at Darktrace, at the Cyber Security & Cloud Expo Conference in November 2019.”
- The preventive layer remains intact, currently. “It just evolves and becomes more abstract since the on-premises infrastructure is no longer a factor. However, companies have to do whatever they can to restrict network access to unauthorized parties.”
- Although Network Access Control (NAC) remains a key component, detection and response are a continuous process that needs 24/7 monitoring.
- “New threats are driving investment into detection technologies. Fileless malware, for example, operates in memory, leaving no signature or forensic evidence. This type of malware may lay dormant and avoid detection, simply by operating within a device’s RAM. To combat this, a continuous risk analysis must be conducted to identify abnormal activity or unapproved access”
- “Advancements in social engineering and malware powered by machine learning” make it difficult to detect threats.
- New solutions, such as Security orchestration, automation, and response (SOAR), User and entity behavior analytics (UEBA), and Zero trust networking solutions are emerging to combat these threats. To rapidly detect and orchestrate the resolution of attacks as they occur in real-time, these solutions prioritize visibility, orchestration, and automation.
3. Unified Cloud Security Platforms
- “Since virtually all modern businesses will rely on multi-cloud environments, their security efforts will shift from a management-focused operational focus to one relying on unified visibility and automation across their disparate clouds.” “Companies see a growing need to consolidate cloud management as they operate hybrid and multi-cloud environments.”
- Since businesses “use so many cloud services and are expanding the use of software-defined security solutions,” any cloud operation should be managed centrally.
- “It’s up to me to consume all the right services, to create a pane of glass, enforce those policies, and hold myself accountable,” said “Sujeet Bambawale, 7-Eleven’s chief information security officer, at the Cyber Security & Cloud Expo Conference in November 2019.”
- The popularity of multi-cloud environments is expanding. According to a survey conducted by IBM, 98%of businesses expect to implement multiple hybrid clouds by 2021. The study also showed that 85% of businesses already use multi-cloud environments.
- Visibility centralization can provide security teams with greater visibility of access rights and improve the management of vulnerabilities across cloud environments. It also facilitates an improvement in standards for authentication and efforts to secure cloud workloads.
- In addition, cloud compliance is easier to achieve through centralized control, especially for companies “managing cloud services from multiple vendors.” Increasing visibility across cloud services can boost the business’s “ability to identify and achieve compliance for storing sensitive information.”
- Also, “centralizing visibility helps resolve one of the more common security errors caused by companies, misconfiguration. Each cloud and network environment today is unique and may require a customized configuration for proper protection.”
4. Endpoint Management
- The access to centrally discover, provision, deploy, update, and troubleshoot endpoint devices within the enterprise is requested by remote employees and distributed devices demanding access to corporate properties. It is important to secure endpoints, as these endpoints can be the entry point for cybercriminals to corporate networks.
- The use of an endpoint management system provides companies with many advantages, such as securing remote staff, maintaining endpoint environments, automating provisioning and compliance, and facilitating seamless endpoint troubleshooting.
5. Location-agnostic Operations
- Businesses are searching for models to sustain operations anywhere and at all times, with remote working patterns intended to be around for a long time. ” Location-agnostic operations should be designed” to serve clients everywhere, “enable employees everywhere, and manage the deployment of business services across distributed infrastructure.”
- This operating model enables the business to be accessed, distributed, and activated anywhere in physically remote environments where clients, employees, and business associates work.
- Companies are expected to invest in technology infrastructure, modern management strategies, and resilient protection and governance policies to deliver unique added value, seamless and flexible digital experiences.
6. Responsible AI
- Artificial intelligence (AI) is maturing rapidly with almost unlimited application as an extremely powerful technology. Our knowledge base and understanding are progressing at a phenomenal rate by integrating “human creativity and ingenuity with the scalability of machine learning. Nevertheless, “with great power comes great responsibility.“
- Due to its potentially disruptive effect, AI raises concerns on several fronts. Such issues include the relocation of workers, loss of privacy, possible decision-making biases, and lack of control over automated systems and robots.
- Responsible AI focuses on ensuring that AI innovations are used in a manner compatible with consumer preferences, corporate principles, and community laws and standards in an ethical, open, and accountable way.
- “Responsible AI can guard against the use of biased data or algorithms, ensure that automated decisions are justified and explainable, and help maintain user trust and individual privacy.” Responsible AI helps organizations to innovate and understand the disruptive potential of AI by having consistent rules of engagement.