alex_aldo - Fotolia
- Kathleen Richards, Information Security
Some people are well-known for finding connections that others miss: Steven Levitt and Stephen Dubner applied economic principles to everyday life, kicking off the data analytics craze, more than a decade ago with Freakonomics. Author Malcom Gladwell, best known for his series of books and New Yorker articles, has mined history, science and psychology to look at underdogs and outliers. Remember the 10,000 hours rule?
As 2016 gets underway, many security professionals will have the opportunity to look at advanced threats and indicators of compromise through a different lens. On-premises and off, vendors will continue to beat the drum of interconnected technologies that offer holistic approaches. Threat defense tools with enhanced algorithms and machine learning -- user behavior analytics, for example -- promise different ways of looking at the same problems.
Even with new levels of granularity, security analysis that connects the dots in a timely fashion (or at all) remains a major challenge for threat defense. In our February cover story, award-winning technology journalist Rob Lemos reports on attack techniques that continue to evade threat defenses. Attackers are becoming more skilled at not only avoiding detection by vulnerability scanners, but also hiding from the automated analysis techniques that security firms rely on to detect malicious programs. They are also learning from companies' threat defenses, Lemos writes. The DarkHotel group fingerprints any system on which its program runs to detect an analysis environment, and then encrypts that data and stores it. What steps can enterprises take to bolster their threat defenses in light of these advanced threat techniques? Our analysis helps you lay the groundwork for 2016.
Many security professionals will also have to come up with new ways to do their jobs in the cloud in the coming year. "Whether you like it or not, this is the new normal," says Dave Shackleford, principal consultant at Voodoo Security. "Security teams need to make risk-based decisions with incomplete information, and that means placing some degree of trust in the cloud provider." He looks at key issues like cloud security policy and ways to successfully bridge on-premises and cloud in his new column, "The Hybrid Life."
What project initiatives are readers involved in this year? We look at survey respondents who indicated plans to invest in cloud security and data loss prevention (DLP) technologies in the next 12 months. Data protection is the common thread in both categories. Not surprisingly, technology Integration scored high among the readers polled; 70% said they are more likely to deploy DLP products if they are offered as a suite of interconnected tools.
The Internet of Things (IoT) will also require security professionals to rethink plain old Internet security, says Robert Richardson, editorial director of TechTarget's security media group. "Killer cars and new flanks for attack may be valid IoT security issues, but they don't do justice to three big problems that the Internet of Everything brings to the security arena," he says. To find out more, check out his column and IoTAgenda.com, which launched in late December.
The holidays have come and gone and so far, crickets … Has the mandatory rollout of EMV chip payments at US retailers improved security? (Maybe not, I encountered several brick and mortars that were not using their card machines.) With or without EMV, fundamental shifts are reshaping information security. Yet best practices such as patching known vulnerabilities are still lacking at many organizations. These lapses are often based on lack of prioritization or staffing shortages.
In his book, David and Goliath: Underdogs, Misfits and the Art of Battling Giants, Gladwell tells companies and people seeking success to "use what you've got." That advice holds true for threat defense.
Change the rules of engagement with deception techniques
Learn more about advanced threat detection
How to run a threat management program