NSS Labs’ 2016 Information Security Predictions
3 likes526 views
The document reviews the cybersecurity landscape of 2015, highlighting significant breaches and market trends, with a focus on independent testing. It predicts continued challenges in 2016, including geopolitical issues affecting cybersecurity policies, growing importance of data integrity, and trends in product consolidation. The document emphasizes the need for continuous monitoring and adaptation to emerging threats as critical for securing applications.
NSS Labs’ 2016 Information Security Predictions
- 1. 2015 A YEAR IN REVIEW 2016 PREDICTIONS NSS Labs Research December 9, 2015 Jason Pappalexis, Research Director Andrew Braunberg, Research VP Mike Spanbauer, Research VP
- 2. Slide 2 NSS Labs Experts Andrew Braunberg Research VP Jason Pappalexis Research Director Mike Spanbauer VP, Research
- 3. Slide 3 Agenda • The Need for Independent Testing • 2015 Security Year in Review • 2016 Security Predictions • Q&A
- 4. Slide 4 NSS Labs The World’s Leading Security Insight Company
- 5. Slide 5 2015 Year in Review • State sponsored breaches causing serious fear, friction • Public disclosure of breaches, particularly OPM, driving need for response • German Steel Mill hacked, disabled • DHS performing penetration tests • End of European Safe Harbor Agreement Information Security and Privacy as Global Business and National Security Issues CYBER-‐ATTACKERS MOVE FASTER THAN DEFENDERS
- 6. Slide 6 2015 Year in Review • Innovation: Markets that are Punching above their Weight Class • BDS • CASB • Endpoint • Security Intelligence • Investment: Huge interest from VC community • In the last two years, investors have staked $4.6billion into cybersecurity startups • Consolidation • NGFW is a maturing market – absorbing adjacent technologies • Trend Micro picks up TippingPoint from HP • Intel Security sells off Stonesoft assets to Raytheon|Websense • Point product acquisitions in numerous markets Security Markets: Innovation, Investment, and Consolidation
- 7. Slide 7 2015 Exploit Kits Observed Active exploit kits delivered 38,787 unique exploits • Angler • Magnitude • Neutrino • Sweet Orange • Styx • Blackhole • Gong Dad • Nuclear • Flash Pack • Rig • Kaixin • Fiesta • Goon/Infinity
- 8. Slide 8 2016 Predictions • Nation state détente? Or Smoke and mirror? • Behavior will only change when national interests do • More U.S. Federal policy unlikely in election year • Encryption/privacy is politically sensitive • Security as a board of directors level issue • Cyber Insurance as risk transfer • Limiting data collection as risk reduction • Focus increasingly on data integrity (incredibly important for IoT) • Safe Habor “fix” leads to increased data localization Security and Privacy Increasingly Intertwined with Broader Global Issues
- 9. Slide 9 2016 Predictions • Trends in portfolio consolidation • Dell and EMC merger, what is the implication? • Symantec – what would you buy with $US billions? • Who wins in NGFW with the perimeter dissolving? • # of $US billion security valuations (and rising!) • Pure play functionality needs to be able to integrate into larger suites of solutions Consolidations Continue as Does Adoption of Federated Models
- 10. Slide 10 2016 Predictions Security Products • The emperor wears no clothes – Next Generation • Integration becomes key selection criteria (an API isn’t sufficient) • SIEM(ply not working) – product consolidation • Growth of web application security Virtual Infrastructure • March to cloud computing continues, accelerating service aggregation (including MSSP) • SDN growth and security as an NFV use case Threats • Growth of mobile specific APTs • IoT Security Issues get real New Look at Pre-‐emptive, Preventive Security Products
- 11. Slide 11 Advice • Know the threats, know your apps • It’s not the 98% you catch, it’s the 2% you miss • Best Practices • Continuous monitoring • CAWS community is available for free There is no “done” with security
- 12. Slide 12 Questions? Market Analysis Buyers Guides Company Reports Technical Briefs Test Reports Comparatives Reports • Security Value Map • TCO • Security • Performance Product Test Reports
- 13. Thank you! For more information contact sales@nsslabs.com