Network World posted Gartner's top 10 security predictions, along with some explanations and background material so it is worth reading the entire thing. But in a nutshell, here are the predictions:
"Through 2020, 99% of vulnerabilities exploited will continue to be ones known by security and IT professionals for at least one year."
"By 2020, a third of successful attacks experienced by enterprises will be on their shadow IT resources."
"By 2018, the need to prevent data breaches from public clouds will drive 20% of organizations to develop data security governance programs."
"By 2020, 40% of enterprises engaged in DevOps will secure developed applications by adopting application security self-testing, self-diagnosing and self-protection technologies."
"By 2020, 80% of new deals for cloud-based cloud-access security brokers (CASB) will be packaged with network firewall, secure web gateway (SWG) and web application firewall (WAF) platforms."
"By 2019, 40% of identity as a service (IDaaS) implementations will replace on-premises IAM implementations, up from 10% today."
"By 2019, use of passwords and tokens in medium-risk use cases will drop 55%, due to the introduction of recognition technologies."
"Through 2018, over 50% of IoT (Internet of Things) device manufacturers will not be able to address threats from weak authentication practices."
"By 2020, more than 25% of identified enterprise attacks will involve IoT, though IoT will account for only 10% of IT security budgets."
Yes, I know that is only nine predictions – and I counted them twice in the post. Beats me. However, I do want to pass along one overriding recommendation with which I agree: Businesses must be aware that delaying security measures in an effort to avoid disrupting business can be a false economy.
Ain't that the truth?
Hat tip to Dave Ries.
E-mail: firstname.lastname@example.org Phone: 703-359-0700
Digital Forensics/Information Security/Information Technology