Reflecting on recent evolutions in the cybersecurity industry can lend valuable insights into what is to come. In the last year, we’ve seen major news from Facebook’s Cambridge Analytica scandal and the EU’s implementation of GDPR to election security concerns and major data breaches like Panera, MyHeritage, Orbitz and many more.
As we turn a page in history to the new year, what new security threats and developments lie in wait? Here’s what I anticipate looking ahead to 2019:
1. 2019 will bring a wave of managed detection and response services:
Partners that were never in a position to offer managed services before will begin rethinking and revamping their offerings. Services make it easy for customers to consume what they need, whether that’s more flexibility in terms of payment or a solution to challenges associated with hiring and retention. According to Gartner’s 2018 Market Guide for Managed Detection and Response Services, 15 percent of organizations will be using MDR services by 2020, up from less than 5 percent today, which means 2019 will be a year for significant growth in this space.
2. Partners will become much more critical in terms of helping vendors manage risk: Customers will increasingly leverage partners to get the most value out of their solutions, especially as more and more organizations transition to the cloud. On the flip side, customers will become less responsible for day-to-day operational tasks and more responsible for governance. As partners manage customers’ security tools and services, customers will in turn spend more time overseeing what partners are delivering, rather than operationalizing the services themselves.
3. Partners will create more customized intellectual property, creating a surge in “pure cybersecurity” offerings:
As channel partners strive to deliver more specialized services, they will continue getting deeper into specific focus areas and competencies. As the market evolves, customers are requesting more customized technologies to secure their expanding environments. This trend of customized offerings is flowing downstream from managed security services providers to managed security providers as a whole. In particular, the industry has seen great advancements in intelligence automation. It’s inevitable that investments in automation will drastically increase in the new year on the partner side of things. As the demand for automation services surges, partners will rise to the challenge, with the goal of improving operational efficiency and long-term cost savings for enterprises who partake.
4. Security progress will continue, but encryption will present problems:
Currently, effective security solutions are quantifiably reducing the number of help desk tickets and directly contributing toward service level agreements and customer satisfaction. However, attacks using SSL encryption to obfuscate malicious traffic are finding fertile ground for growth (Dark Reading). Attacks using Powershell and script-based attacks are working hard to evade perimeter protection to hide malicious traffic in plain sight. Without proper security measures and customized controls in place, attackers can - and will - use these smaller pieces of code to infiltrate cloud containers and leverage unprotected data within otherwise easily accessible environments. The trend of security progress will continue, but the industry must be cautious of cyber attacks that are more difficult to detect using encryption.
5. Security investment will increase, with large technology providers leading the charge:
As the cost of recovering from a data breach escalates, security investments and spending will also rise. Between recruiting, security tools, customer support and furthering channel alliances, significant investments in security will only continue. IBM’s 2018 Cost of a Data Breach Study found that the average cost of a data breach globally is $3.86 million, a 6.4 percent increase from the 2017 report. Microsoft and IBM are spending upwards of $1 billion a year on cybersecurity.
As the wave of managed detection and response services comes in 2019, keep an eye out for an increase in partners managing risk with more customized offerings in addition to continued investments in security across the board.. With these trends in mind and more to come, 2019 is clearly going to be a year of major revolution, as opposed to evolution in cybersecurity.