While automation and artificial intelligence (AI) offer endless possibilities for digital business, they also create complexities. The 2017 Gartner security predictions highlight potential business benefits, such as faster, better penetration tests. But they also showcase the potential dangers of automation when it comes to real-life safety incidents. One thing is clear, enterprises need to be prepared for a complex, connected future.
Explore the latest: Gartner Predicts for the Future of Privacy 2020
Rob McMillan, research director, presented the security predictions during the Gartner Security & Risk Management Summit 2017 in National Harbor, Md. Gartner predictions are designed to help organizations prepare for the future and identify where they might need help tomorrow.
By 2020, investment in artificial intelligence/machine learning-based tools for IT resilience orchestration automation will more than triple, helping reduce business outages from cascading IT failures.
Airlines lose more time to outages and have more operations interruptions due to IT than due to the weather. Part of the reason is that emerging ecosystems means more interdependencies so a failure cascades and recovery must also cascade. Automation is tailor-made for identifying where the failures might be, where they might be felt, and to build strategies for recovery. To get the business buy-in, link the security failure to the business impact.
Through 2020, zero-day vulnerabilities will play a role in less than 0.1% of attacks in general, excluding sensitive government targets.
It’s easy to get caught up in the notion of zero-day attack, but the vast majority of attacks that are successful exploit well-known vulnerabilities. Zero-day attacks are what people tend to worry about, but it’s not a typical case. It’s important that security teams combat existing vulnerabilities and ensure basic security is effective.
By 2020, 10% of penetration tests will be conducted by machine-learning-based smart machines, up from 0% in 2016.
Penetration testing today utilizes some level of automation, but still has a high degree of human involvement. However, machine learning has evolved to real-life applications. This means penetration tests can be done at the speed of a machine instead of being restricted to the rate of thinking a human offer.
By 2020, more than 20% of organizational business plans will use infonomics to provide a financial analysis of data assets and liabilities.
This prediction is tied to connecting security outcomes to business outcomes and applying value to the work of the security teams in terms of mitigating risk and enabling business function. When protecting data, it becomes a question of net value of the date compared with the cost of protection. What’s the value the data has to the organization, what’s the cost of protecting that data and is it viable? Look at the the investment and potential liabilities and make the decisions.
By 2020, at least one major safety incident will be caused by an IT security failure, leading to significant injury.
A temporary loss of power from a failed power grid is inconvenient, a loss of control by an automated medical device administering a drug could be dangerous. It is easy to imagine a scenario that an IT failure could have a physical safety outcome. The increasing complexities of connections means things and infrastructure with different levels of security are now interacting. It will be difficult to predict the risk that will arise.
By 2018, the 60% of enterprises that implement appropriate cloud visibility and control tools will experience one-third fewer security failures.
Adding telemetry to cloud workloads will be important to manage security failures. Even if the vendor is safe, telemetry and documented testing will allow security teams to show the business proof the cloud is working and is safe. Telemetry allows organizations to see the danger signs and allow for a quick--and possibly preventative--response.
By 2020, IT-sponsored information security programs will suffer three times as many significant breaches as those sponsored by business leaders.
Boards are now taking a greater interest in security and risk. This means there is a greater onus on security to translate the work they’re doing into a business context. Without the communication there is a misalignment between security and what’s going on in the rest of the organization .This is when you see the rise of things like shadow IT. With the alignment, the organization will stand or fall together, putting them in a better position than those who are siloed.