Ten trends that will define the information security industry in 2017

2017 has arrived in the blink of an eye. The pace of change in the security industry over the past two years is faster than most people have ever seen, and with it has come a shift in the work of enterprise information security departments. Here is how security experts predict the working trends in the information security industry for 2017.
1. Incident response teams are on the brink of collapse
The shortage of security skills will not improve: demand for security is rising while the talent pool keeps failing to keep up. We will see more CIOs shift security responsibilities outside the enterprise, but there is a limit. Basic functions such as provisioning new users can be outsourced without harm, but outsourced security incident response falls apart. A managed security service provider (MSSP) is not in a position to know how to supply enterprise-specific context and response. So low-level functions can go to an MSSP, but highly skilled functions like incident response have to stay in-house. That puts more pressure on incident response teams, many of which have no playbook to follow when an incident is discovered.
2. Staff shortages will further affect security programs
Cybersecurity incidents will keep rising, but the pool of qualified talent is shrinking. CIOs will put more thought into automating security processes, not only to improve security posture but also to compensate for the shortage of security technical staff.
3. Poor incident response will be treated as a pre-existing condition
A company's security incident response capability will become a factor in cyber insurance policies. Insurers will recognize that when offering cyber insurance they need to consider not only a customer's detection capability but also how the customer handles security incidents.
4. Data breaches, and more of them
There is no doubt that data breaches will not stop in 2017, especially those caused by disgruntled former employees or contractors. These insiders either collect information for their own benefit before leaving, or take advantage of poor credential management policies to keep harvesting company resources, such as code repositories, after they have left...
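The failure mode above, a leaver whose tokens or keys are still valid after their last day, is caught by reconciling the HR roster against every credential the code hosting platform knows about. The following is an added example, not code from the original article; the roster and credential records are constructed, and their field names are assumptions rather than any real HR or Git hosting API. It flags three things a practitioner wants in an offboarding audit: credentials of departed users that are still active (revoke them), credentials of departed users used after the departure date (evidence of post-departure harvesting, feed from audit logs), and active credentials whose owner is not on the roster at all (orphaned or shared keys).

```python
"""Offboarding reconciliation: find credentials that outlive their owner's
employment. Added example; all records below are constructed and the
Person/Credential shapes are assumptions, not a real HR or Git hosting API."""
from dataclasses import dataclass
from datetime import date
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Person:
    user: str
    left_on: Optional[date]      # None = still employed


@dataclass(frozen=True)
class Credential:
    cred_id: str
    kind: str                    # "pat", "ssh_key" or "deploy_key"
    owner: str                   # user who created the credential
    active: bool                 # still accepted by the platform
    last_used: Optional[date]    # from the platform's audit log, if any


# Constructed roster: bob and carol have left, alice is still employed.
ROSTER = [
    Person("alice", None),
    Person("bob", date(2016, 11, 30)),
    Person("carol", date(2016, 12, 15)),
]

# Constructed credential inventory as a code hosting platform would export it.
CREDS = [
    Credential("pat-1", "pat", "alice", True, date(2017, 1, 5)),        # fine
    Credential("pat-2", "pat", "bob", True, date(2016, 12, 20)),        # used after bob left
    Credential("key-3", "ssh_key", "bob", False, date(2016, 11, 1)),    # already revoked
    Credential("dk-4", "deploy_key", "carol", True, None),              # still active
    Credential("pat-5", "pat", "svc-build", True, date(2017, 1, 2)),    # owner not on roster
]

AS_OF = date(2017, 1, 10)


def reconcile(roster: List[Person], creds: List[Credential],
              as_of: date) -> List[Tuple[str, str]]:
    """Return sorted (finding, cred_id) pairs.

    "revoke"                : owner left on or before as_of, credential active
    "used_after_departure"  : credential used after the owner's leaving date
    "orphaned"              : active credential whose owner is not on the roster
    A future leaving date (scheduled departure) does not count as departed.
    """
    departed = {p.user: p.left_on for p in roster
                if p.left_on is not None and p.left_on <= as_of}
    known = {p.user for p in roster}
    findings = []
    for c in creds:
        if c.owner not in known:
            if c.active:
                findings.append(("orphaned", c.cred_id))
            continue
        if c.owner not in departed:
            continue                      # current employee, nothing to do
        gone = departed[c.owner]
        if c.active:
            findings.append(("revoke", c.cred_id))
        if c.last_used is not None and c.last_used > gone:
            findings.append(("used_after_departure", c.cred_id))
    return sorted(findings)


if __name__ == "__main__":
    for finding, cred_id in reconcile(ROSTER, CREDS, AS_OF):
        print(f"{finding:22s} {cred_id}")
```

Run this daily from the HR feed and the platform's token/key export; "revoke" findings are remediation, "used_after_departure" findings are incidents that belong with the response team, and "orphaned" findings are the shared deploy keys that no one remembers creating.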
5. Small and medium businesses will turn to managed security service providers for cybersecurity
To simplify IT, many small companies have already moved to the cloud and to small local managed service providers (MSPs). Recently, small and medium businesses (SMBs) have started to realize that they need security, so they are asking these small MSPs whether they can provide security services as well. As a result, many MSPs have added security services to their portfolios, producing a long list of small managed security service providers (MSSPs). Next year, expect at least a quarter of small companies to turn to a local MSSP for their security needs, with that share rising year over year.
6. The next generation of CISOs and CSOs will not come from traditional fields
Many companies have realized that even though they may sit in a specific vertical, such as finance or healthcare, the only way to drive the business forward is to operate as an IT shop. In the end, every company is an IT company and must embrace the concept of staying relevant and competitive.
Especially in healthcare and finance, companies increasingly recognize that raising a position's rank does not produce a well-prepared security team. Companies in every industry need to hire security specialists to handle real business security challenges.

7. A wider gap will open between new security hires and senior security people
To retain security staff, any new hire on a security team now takes on average only nine months to be promoted to "senior". These senior employees instantly multiply in value on the global market and demand higher salaries and positions. To keep them, executives are forced to hand out "senior" titles and the matching raises. Meanwhile, the skills and functional duties between "junior" and "senior" remain unfilled.
8. The demand for identity management will give rise to the Chief Identity Officer (CIdO)
Industry regulation has made the contest for a role among security, operations, HR, and the CIO tighter. As companies continue to face insider threats and sustained attacks on customer identities, the role of Chief Identity Officer (CIdO) will emerge in 2017. This new role will become the source of truth for managing employee, customer, and third-party identities. Its duties will be to protect customers, monitor employee access, and report to the CEO. The role will work cross-functionally across the enterprise to ensure the integrity of every step of authentication. CISOs will breathe a sigh of relief as the CIdO quickly becomes the person in charge of privileged systems and their interactions.
9. The security skills gap will be as wide as the Grand Canyon
Growing complexity makes defending today's enterprise networks harder than ever. Compounding the problem are the ever-widening skills gap and the difficulty of finding the right people to fill open positions. As the skills gap carries into 2017, expect automation to truly take off, reducing tedious manual duties and routine actions and helping overstretched IT staff focus on what really matters. Talented employees wasting time on work that could be automated is the main reason IT departments are drained.
10. 2017 will be the year of executive accountability
Cyber risk will rank just behind financial and operational risk as one of the biggest threats to a company's health. CIOs and CISOs will need to strengthen their companies' existing threat detection capabilities. New strategies must be put in place to identify the presence of attackers as early as possible and limit malicious activity.
This operational shift will require self-learning security analytics to detect the early warning signs of some of today's most critical cyber threats: malicious insiders, external attackers, targeted malware, and so on. The result will be a continuing redirection of budget from prevention to detection and response, ensuring the security team has the visibility needed to protect company assets from growing threats.