There have been a lot of data dumps lately by Bitdefender, Palo Alto Networks, and Fortinet. Fortinet provided this document, entitled “A SECURITY LEADER’S DEFINITIVE GUIDE TO THE THREAT LANDSCAPE“. It is a good read. A brief summary is provided below:
1. THE INTERNET OF THINGS
- Experts predict that by 2020 there will be 4.3 Internet-connected devices for every man, woman, and child on the planet.
- Revenue resulting from IoT is estimated to exceed $300 billion in 2020, with a global economic impact of $1.9 trillion.
2. MOVING TO THE CLOUD
- Can I see and track my data as it moves between cloud environments?
- How do I prevent my data from beingstored with unapproved cloud service providers?
- What tools are available that let me enforce consistent policies regardless of where my data resides?
- Can I see and respond to malicious traffic that originates from or has passed into my cloud environment
The weakest link in cloud security, however, is not in its architecture. It lies in the millions of remote devices accessing cloud resources. Cloud security depends on controlling who is let into the network and how much they
are trusted.
3. RANSOMWARE
- Part of the reason is that threats are getting smarter and harder to detect. The other is human nature. Someone in your organization is going to be tricked into clicking on an infected link or attachment that injects some sort of malicious code into your network, no matter how many times they are warned.
- The primary driver for most cyberattacks is financial, and nothing demonstrates this more than the dramatic rise in ransomware. According to some experts, the total cost of ransomware for 2016 topped a billion dollars, and this success is likely fueling its continued growth.
4. SSL ENCRYPTED DATA
- The volume of traffic that today’s networks need to consume and process has begun to overwhelm their security devices.
- Inspecting things like SSL traffic is extremely resource-intensive. As a result, most security devices on the market today take huge performance hits when inspecting encrypted traffic—and just when performance is more critical than ever.
5. THE CYBERSECURITY SKILLS GAP
- To add to the complexity of the problem, we are also facing a severe global shortage of skilled cybersecurity professionals.
- You can’t plan, design, implement, manage, analyze, assess, or improve your security posture if you don’t have people on your team with adequate security skills who also understand your short- and long-term business objectives and the security ramifications of the radical changes happening in the network.