/ Security Zone
Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

The Future of Hacking Is Predictable

DZone's Guide to

The Future of Hacking Is Predictable

Security experts agree that the future of hacking will look much like recent attacks that took advantage of old vulnerabilities that have been hacked before.

by
Sateesh Narahari
·
Jul. 08, 17 · Security Zone
Free Resource

Comment (0)

Save
Tweet
{{ articles[0].views | formatCount}} Views

Discover how to protect your applications from known and unknown vulnerabilities.

IT security pros have it rough: the pace of modern workflows has turned perimeter security solutions into sieves. As those security pros try to keep up with new threats, they might be better off taking the opposite approach and slowing down. Over the coming years, the largest cyber threats won’t be new; instead, they will come from well-known vulnerabilities. To address these vulnerabilities, businesses don’t even need to look beyond their own network.

Known Threats

As cloud apps become increasingly pervasive, they are challenging security teams with limited visibility and control options. The cyber threats of the future will take place within the Shadow IT that exists today. The unsanctioned use of cloud apps creates Shadow IT – an unmonitored, uncontrolled, and insecure part of a business’ network activity. Shadow IT creates new threat vectors that range from poor internal behavior that leaks data to open doors for criminally-minded hackers. The good news is that there are easy ways to start addressing Shadow IT that doesn't require breaking your company’s piggy bank.

Among the many vulnerabilities on networks, Gartner predicts Shadow IT to be the chief concern in the coming years. To deal with Shadow IT, they recommend that corporate strategy shifts to “create a culture of acceptance and protection versus detection and punishment,” while also developing, “an enterprise-wide data security governance (DSG) program.” Sometimes the free options are the best, but unfortunately, fully addressing Shadow IT will require more than new policies and behaviors.

Monitoring for Threat Deterrence

To mend the security gaps created by cloud apps, Gartner forecasts that Cloud Access Security Brokers (CASBs) will be the top technology for information security in the coming years. CASBs give CISOs an opportunity to monitor Shadow IT and apply enterprise security policies across multiple cloud services. Not all businesses will need to directly control every facet of their employees’ cloud app activity, but they should at least have visibility to monitor for risks.

Part of addressing known security threats is taking a moment to slow down and reprioritize the threat landscape. Given the onslaught of threats, developing a strategy and acting deliberately is more important than ever. The pressure is on CISOs to identify data security policy gaps, develop a roadmap to address the issues and seek cyber insurance, like monitoring, when appropriate. Each step should be part of a larger strategy. Shadow IT is a well-known and growing threat to business IT security that should be included in these new strategies. The time to act is now.

Find out how Waratek’s award-winning virtualization platform can improve your web application security, development and operations without false positives, code changes or slowing your application.

Like This Article? Read More From DZone

What's the Cost of an Insecure Endpoint?
Healthcare Breaches Reach All-Time High in 2016
Schools Using Google Need a Security Lesson

Free DZone Refcard

Java EE Security Essentials
DOWNLOAD
Topics:
security ,cloud security ,infosec ,security compliance ,enterprise security

Comment (0)

Save
Tweet
{{ articles[0].views | formatCount}} Views

Published at DZone with permission of Sateesh Narahari, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

Security Partner Resources

Building Security Into Cloud Applications
Learn How to Build Security into the DevOps Life Cycle
Delivering Security in an Agile World
Software Security Testing: Blending Art and Science
Bring your Java apps up to date with the latest Java release with no code changes
Traditional Application Security Approaches Are Not Working
Webinar: Secure your apps against a deserialization attack. It's not possible, is it?
See how the Agile Security Manifesto can help your firm build secure software in an agile way.
CISO’s Guide to Application Security

Security Partner Resources

Building Security Into Cloud Applications
Learn How to Build Security into the DevOps Life Cycle
Delivering Security in an Agile World
Software Security Testing: Blending Art and Science
THE DZONE NEWSLETTER

Dev Resources & Solutions Straight to Your Inbox

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.

X

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.linkDescription }}

{{ parent.urlSource.name }}
by {{ parent.authors[0].realName || parent.author}}
· {{ parent.articleDate | date:'MMM. dd, yyyy' }} {{ parent.linkDate | date:'MMM. dd, yyyy' }}
· {{ parent.portal.name }} Zone