cyber trends
Prediction #4 – Operational
technology assets getting onto
the Internet of Things will need
more security
The growth of the Internet of Things
(IoT) continues. While there have been
lots of consumer devices launched that
simply add an Internet connection to an
existing product, the market opportunity
for the future is growing around the
enterprise. From initial pilot projects, IoT
This year, security
teams will look to
learn from DevOps
teams around how
they achieved their
results and what
changes were
needed.
implementations are growing in supply
chain, logistics and services companies.
In practice, this means that more assets
are getting connected, including some
that pre-date the Internet as it is today.
Manufacturing execution systems and
operational technology assets that have
to run around the clock can benefit
from connectivity, but they also tend to
be older and very difficult to update. In
some cases, application providers may
have gone out of business years ago.
In the rush to make use of the IoT, it’s
important that companies don’t create
security risks where they did not exist
previously. The role for airgapping
will continue to be important, while
understanding IT assets in context
will also spread to the operational
technology sector too.
Prediction #5 – More security
purchases will be by DevOps,
not IT security
Traditional IT security sales were made by
specialists to other specialists. This meant
that the CISO was the arbiter of who
a company would work with and
how these solutions would be
managed. That will change this
year. Rather than security
being solely the preserve
of the IT security team,
the DevOps team will be
responsible for purchases or
hugely influential on what gets
implemented. When companies
work around a CI/CD pipeline, the
DevOps team is the new buyer that has
to be impressed.
Prediction #6 – Vulnerability
detection will move to real-time,
not scheduled
Traditionally, vulnerability management
programmes ran to schedules. You
knew that Microsoft would release
patches once a month, as would Adobe.
Oracle would release patches once per
quarter. Managing these would sort out
the majority of problems. Looking for
vulnerable software could be scheduled
around these updates.
However, today’s issues are getting
exploited faster than traditional patching
schedules can cope with. The sheer
variety of platforms in place means that
changes can affect multiple systems
running in different places. New
technologies like cloud and containers
can run intermittently, getting missed
by scheduled scans. More companies
will have to move over to real-time
vulnerability scanning, looking for issues
as they occur.
Prediction #7 – Integration and
orchestration will become critical
for security teams
This year, security teams will look to learn
from DevOps teams around how they
achieved their results and what changes
were needed. At the same time, they
will be looking to recruit more people
with skills and understanding in building
integrations and automated processes
too. Security Operations Centres
in particular will want to automate
processes around data where they can,
making existing staff more productive and
helping those team members focus on
more high-value tasks. u
www.intelligentciso.com | Issue 24
21