New research indicates that 2016 spending on cybersecurity protection is set to exceed $37 billion, as organisations increase spending on cybersecurity protection to keep their businesses, their data, and their users safe.
According to Ovum analyst Andrew Kellett, as threat levels increase, corresponding purchase responses are made.
“In effect, what we are seeing is an escalation of the cybersecurity arms race, with security intelligence and analytical capabilities being utilised to map the threat landscape, identify new and recurring threats, and take action against them,” he explains.
Kellett says new defenses will include technologies designed to identify and address the risky actions that users are taking and the unauthorised, often cloud-based facilities they are choosing to use.
“Keeping business data and users safe is a key issue,” says Kellett. “As such, there will also be far more interest in the control elements of security that define what users are allowed to do – what on-premise and cloud-based facilities and services they can and cannot use, which data resources they are allowed to access, and where that data can be kept,” he says.
In 2016, cybercrime, state-sponsored activities, and advanced persistent threats (APTs) will continue to make headlines, according to Kellett.
“Social engineering that targets human frailties will continue to put business systems at risk. But at the same time, a large percentage of organizations will be breached by not-so-special, commercially available malware, whose availability at bargain-basement prices on the Dark Web has significantly reduced the barriers to entry into the world of hacking,” he says.
“Therefore, detection and remediation tools that can spot all types of malware and reduce recovery timelines after a breach will continue to play an important role.”
Kellett says the newer elements of technology including cloud and mobile will still cause concern. “Their use and interaction with other developing areas of business activity, such as shadow IT and Internet of Things (IoT), will add to the need for improved levels of user and data protection,” he says.
“Further improvements to operational defenses will be needed to deal with the evolution and growth of distributed denial-of-service (DDoS) attacks and the re-emergence of ransomware activity, both of which are targeting at-risk business systems,” Kellett explains.
Further, Kellett says identity and access management (IAM) will continue to be the cornerstone technology for provisioning and controlling access to business systems and for building working relationships between businesses and their clients.
“There will be greater emphasis on the “digital user lifecycle” in 2016 as IAM usage extends across and beyond the enterprise to support the authentication, ease-of-access, and security requirements of everyone from consumers to privileged corporate users,” he says.