Roundup: The Latest from the Cybersecurity Tech Analysts


Of all the sectors technology analysts cover, cybersecurity just might be one of the most important. This is because while many technology markets are fluid, the dynamics of cybersecurity change daily.

From emerging threats, to the options for deterring or remediating those threats, it’s a full-time job to catalog and analyze emerging vulnerabilities, the technology options for resolving them, and what it means for the industry.

To that end, we’ve canvassed the public-facing blogs of several prominent analyst firms to see what’s been on their radar of late. Here’s what we found:

1) What do new cybersecurity regulations mean?

The New York State Department of Financial Services (DFS) published cybersecurity regulations detailing minimum cybersecurity requirements for financial services companies. The requirements are intended to protect both consumers and financial services organizations according to a public announcement.

Designating a CISO and maintaining “detection and response capabilities” are among the list of obligations, according to Sam Olyaei, a senior research analyst with Gartner in a piece on the matter: NY DFS Cybersecurity Regulation goes into effect today, and it is already outdated!

The formality of penalty-backed regulations might be panic inducing, but it shouldn’t be a surprise, according to Mr. Olyaei:

“…it is my opinion, that many of these security activities (if not, all) were already taking place at most banks, insurance companies and other financial services firms.”

And later he suggests there may even be an upside:

“Everything and anything that FSI firms are doing in terms of cybersecurity must be through a risk-based approach. That now gives firms flexibility in determining the requirements that affect them the most.”

That flexibility is important because security isn’t just a technical problem, but a legal, policy and human behavioral problem as well.

2) Have security and DevOps found new drivers for collaboration?

Sometimes cybersecurity teams find it challenging to work with DevOps. This is because, as the insurance company Aflac pointed out in a case study, security is sometimes at odds with conventional IT change management processes. When you need to plug a possible exploit hole, that hole exists in a production environment.

That might be starting to change according to Gartner Research Director Jonathan Care in a piece summarizing his impressions from the 2017 RSA Conference (RSAC): Thoughts from RSAC:

“For some time, DevOps and cybersecurity have eyed each other warily, and now a meeting of minds appears to be in place, with innovations to represent cybersecurity as a software defined model. This is, of course, interesting as we move more and more to the cloud, and it is likely to lead to increased agility in responding to advanced threats, allowing increased automation and machine-controlled rapid response.”

While Mr. Care represents the security perspective, glimpses of thawing relations can be viewed from the DevOps side as well. Stephen Elliot, a vice president of research for IDC recently advised DevOps to include security teams in service delivery collaboration:

“Take advantage of team-based collaboration and reinvent integrated service delivery across development, operations, and security teams with DevOps practices.”


3) Security remains the top concern for mobile payments

Mobile payments are arguably the next competitive advantage for financial services firms. A recent survey by 451 Research found consumer interest at an all-time high, according to a piece by Kaitlin Buckley:

“Planned use of mobile payment apps has increased for the second survey in a row, reaching its highest level since we began asking this question back in 2014. A total of 29% of smartphone owners say they’re likely to use mobile payment apps over the next 90 days.”

However, if fraud and identity theft are reasons for consumers to migrate away from credit cards and other conventional forms of electronic payments, they are also a roadblock to mobile payment adoption:

“We asked unlikely users what would drive them to adopt mobile payment apps. Two-thirds (66%) cite Security Against Fraud that is Better Than Traditional Payment Cards as a factor.” 

The graphic with this piece suggests it’s the top factor – and by a wide margin.

4) Is deception essential to cybersecurity?

Despite a steady increase in spending on cybersecurity, bad actors still get the best of enterprise security according to a new white paper by research firm Frost & Sullivan. The premise is based on research by Mandiant which found “the median time that attackers live inside an enterprise network before being detected is 146 days.”

The paper argues that hackers seeking to exploit an enterprise are effectively on a blind scavenger hunt, which proceeds by trial and error, and that presents opportunities to use deception to identify them:

“The hunters must gamble – gather pieces of information, without a pre-assessment of its value; and, in their gathering, risk being identified. It is this scavenger’s gamble where deception technology delivers its unique cybersecurity value: turning this gamble and risk of being identified into a certainty.”

We agree that new thinking in cybersecurity is required in this era of the assumed-breach security posture. This means shifting the focus, which has, in the past, primarily centered on prevention at the perimeter, to also include detection.

Security in the modern IT infrastructure is an exercise in risk mitigation with layers designed to stave off attacks. However, it must also include the capacity to find and manage those already underway to reduce dwell time and accelerate time-to-containment.

Your turn! What are some topics you’ve seen technology analysts cover of late that you deem important?

Photo credit: Pixabay (CC0 1.0)
