Organizations are moving toward next-generation cybersecurity solutions this year, but security fragmentation is a looming threat.
Security firm Cynet has released a report on The State of Breach Protection in 2020 that paints a picture of a cybersecurity landscape that is evolving quickly--maybe too quickly for IT teams to keep up.
The report, which predicts security trends for 2020 based on responses from cybersecurity professionals, finds that that most are planning to roll out advanced protection products in 2020.
Advanced protection is defined in the report as SEIM software, network traffic analytics, and EDR/EPP products. These security products are designed to act as an additional layer of protection that go beyond firewalls and antivirus software.
Are additional solutions a real solution?
These new, next-generation security products are designed to fight the latest security threats, but the addition of more security products doesn't necessarily make security professionals feel at ease.
Most respondents (60%) plan to add some form of breach prevention measures in 2020, but 72% of those not planning to add more software cites a similar refrain: They can barely manage the products they already have in place.
Regardless of whether they were planning to add additional security products, 78% of respondents said that the "management, maintenance, and operational overhead" of their current security products was a major obstacle toward their achieving a level of security they would be happy with.
Those numbers don't bode well for the cybersecurity world. This report makes it clear that cybersecurity professionals value advanced protection and that they don't think existing tools are enough to make networks safe.
Adding new security products isn't going to improve protection if they're operating in separate ecosystems that don't communicate--at least that's what the report concludes. "Lack of consolidation is the dominant practice, [but] most organizations view it as a core problem that must be solved."
The threats cybersecurity professionals expect to face
Fragmented security software is a concern that needs to be addressed, but it's questionable whether or not centralized systems could solve what professionals see as the biggest threats of 2020.
The three threats that respondents cited as their biggest for 2020 are:
- Weaponized email attachments and links (74%)
- Ransomware (71%)
- Banking trojans and other browser-based password hijackers (67%)
All three of these problems are serious, but it's debatable whether any of them can be solved by adding SEIM, network traffic analysis, or EDR/EPP on top of traditional security products.
Attacks that target web browsers need not infiltrate a network, weaponized email attachments can affect an individual machine and cause great damage without alerting traffic analysis, and ransomware can come from various sources and lock down a system without raising flags until it's too late.
That leaves cybersecurity professionals in a tricky position in 2020: Fragmented security software is going to leave networks vulnerable, and adding additional tools that don't communicate with existing ones will only make it harder for IT to keep up with already burdensome cybersecurity workloads--but the biggest perceived threats can bypass those tools with ease.
How is a good cybersecurity team to tackle the threats of 2020? Don't focus solely on software when one of the biggest threats comes from people making simple mistakes. A good cybersecurity posture definitely includes consolidated software, but it also prioritizes user education and training to make sure the average employee isn't leaving the door open to threats that even the best software isn't trained to see.
- How to become a cybersecurity pro: A cheat sheet (TechRepublic)
- Mastermind con man behind Catch Me If You Can talks cybersecurity (TechRepublic download)
- Windows 10 security: A guide for business leaders (TechRepublic Premium)
- Online security 101: Tips for protecting your privacy from hackers and spies (ZDNet)
- All the VPN terms you need to know (CNET)
- Cybersecurity and cyberwar: More must-read coverage (TechRepublic on Flipboard)