Click the Yunnan Kingdee can subscribe.
Blink of an eye on 2017, the two years of the rapid changes in the security industry is a lot of people have not seen, followed by changes in the work of enterprise information security departments. Next, let’s take a look at how security experts predict trends in the information security industry in 2017.
1 incident response team at the brink of collapse
There will be no improvement in the security professional skills shortage; security needs are on the rise, and the talent pool has been unable to keep up. We will see more of the CIO shift security responsibilities to the outside of the enterprise, but there is always a limit. As the basic function of the configuration of new users, but also it outsourcing, outsourcing will fall apart the security incident response. Managed security service provider (MSSP) is a condition that does not know how to provide enterprise specific context and response. Therefore, although the low-level features to the MSSP, but like the response to the event of high-tech features remain in the enterprise. This led to the event response team to withstand more pressure, many teams do not have an event should be found in the operation manual.
2 manpower shortage will further affect the safety of the project
Network security incidents will continue to rise, but the talent pool is shrinking. CIO will put more thought into the safety process automation, not only to improve the security situation, but also to solve the problem of security technology personnel.
3 bad event response will be considered as a pre condition
The company’s ability to respond to security incidents will become the subject of network insurance policy considerations. Insurance companies will recognize that while providing network security strategies, they need to consider not only the customer’s ability to detect, but also the way customers handle security incidents.
4 data leakage, more disclosure
There is no doubt that the data breach will not end in 2017, especially from disgruntled former employees or contractors. These insiders or before leaving to collect information for their own profit, poor management strategy using vouchers or continue to harvest resources in the company after the departure of the code library for example……
5 small and medium enterprises turn to hosting security service providers to seek network security
To simplify IT, many small companies have turned to cloud and small local hosting service providers (MSP). Recently, small and medium enterprises (SMB) began to realize that they need security, so they have to consult these small MSP can provide security services. As a result, many MSP began to add security services in their portfolios, forming a long list of small managed security service providers (MSSP). Next year, it is expected that at least 1\/4 of small companies will turn to local MSSP to meet their own security needs, and the proportion will rise year by year.
6 a new generation of CISO and CSO will not come from traditional areas
Many companies have come to realize that the only way to promote business is in the form of a IT store, although it may be in a vertical industry, such as finance or health care. Finally, each company is a IT company, must accept the concept of maintaining relevance and competitive advantage.
Especially in the healthcare and financial sectors, companies are increasingly aware of the need to upgrade the job hierarchy with less than adequate security teams. Companies from all walks of life need to hire security experts to deal with real security business challenges.
7 new security staff and senior security personnel will show greater gap between
In order to keep security personnel, any new employees in the security team on average 9 months can be promoted to senior staff. These senior employees instantly in the global market value doubled, demanding higher salaries and jobs. Senior executives to keep them out, and was forced to cede the advanced title and the corresponding salary. At the same time, the primary and advanced skills and functional tasks are still in a state of unfilled.
8 identity management will lead to the birth of CIdO (chief identity officer) this role
Because of industry regulation, the role of security, operations, HR and CIO between the more nervous. As the company continues to face internal threats and ongoing attacks on customer identities, the role of chief identity Officer (CIdO) will appear in 2017. The new role will be the source of truth for managing employees, customers and third party identities. Their job is to protect customers, monitor employee visits and report to CEO. This role will work across the enterprise to ensure the integrity of each step of the authentication. CISO will quickly become in charge of privilege with the CIdO system and its interaction are big relief.
9 security skills gap will reach the canyon level so wide
The increasing complexity of today’s enterprise network protection is more difficult than ever. This problem is exacerbated by the continued expansion of the skills gap and the difficulty of finding the right people to fill vacancies. Because the safety skills gap problem into 2017, we can expect the automation will really take off, to reduce artificial tedious routine responsibility and action, help the doppelganger IT staff to focus on the really important matters. Talented employees can waste time in automation work, is arch-criminal IT departments are depleted.
10.2017 will be executive responsibility year
Network risk will be one of the biggest threats to the health of the company. CIO and CISO will need to strengthen the company’s existing threat detection capabilities. New strategies need to be implemented in order to identify the attacker as soon as possible and limit the malicious activities.
This operational change will require the use of self-learning security analysis techniques to detect some of the most critical early warning of the threat of the network: malicious insiders, external attackers, targeted malware, etc.. As a result, there will be ongoing budget redirection, from prevention to detection and response, to ensure that the security team has the necessary visibility to protect the company’s assets from the growing threat of harassment.
Sweep the concern of the public, WeChat