In this video blog, ESG’s cybersecurity analysts, Jon Oltsik and myself, share some of the cybersecurity developments on our radar screen that we expect to be especially relevant in 2018 including:
- Cloud computing chaos and how cloud services will become more prominent in addressing – and spawning – threats and vulnerabilities, including the need to better protect data resident in poorly configured AWS S3 buckets.
- How zero-day attacks will necessitate better ongoing risk management practices.
- The introduction of commercial SOAPA (security operations and analytics platform architecture) offerings will provide end-to-end solutions, but customer will still want best-of-breed optionality.
- The ongoing acute shortage of cybersecurity skill will further drive the use of managed security services.
One of the areas of cybersecurity where there needs to be a meeting of the minds between the buy and sell side is the definition of a cybersecurity platform. As more cybersecurity vendors offer platforms, and customers look to leverage platforms for operational efficiencies, there is a need for vendors who represent a center of gravity to lead the way in defining standards that allow for the use and integration of best of breed cybersecurity technologies. This need for efficiency extends into development processes. As more and more organizations develop their own software, and code becomes infrastructure, security is paramount, with integration into continuous development (CI/CD) methodology of DevOps representing a way to automate security best practices (i.e., DevSecOps) across dev, test, and production environments.
These are just a few of the process, technology, and industry aspects of cybersecurity ESG will be covering throughout 2018.