​Stop just collecting security data and start using it better in 2016: Ovum

A rapid increase in spending on security solutions suggests that businesses are spending their way into a "cybersecurity arms race" that will see them leaning heavily on security analytics and threat-intelligence capabilities in 2016, research group Ovum has predicted while warning businesses not to be too impressed with solutions that prioritise collecting large volumes of data over analysing it.

Businesses will spend more than $37b on security solutions in 2016, the firm forecasted in its 2016 Trends To Watch analysis, which noted that cybersecurity teams had increased in organisational stature with their "mandate to protect businesses and users". This will see security organisations getting more proactive about implementing tools to identify the "risky actions that users are taking" and to ferret out unauthorised 'shadow IT' applications and services. This includes implementation of blanket access-control environments – including cloud access security broker (CASB) technology – that can control what resources users are and aren't allowed to access, when and from where.

While advanced persistent threats (APTs) and state-sponsored hacking will continue to make headlines in 2016, Ovum believes continued use of mass-marked commercial malware – available at "bargain-basement prices" that have significantly reduced the barriers to entry for would-be hackers – will pose an even more significant everyday threat for most organisations. The continuing onslaught of ransomware and distributed denial of service (DDoS) attacks, in particular, will require "further improvements to operational defences" in companies with at-risk business systems.

Although threat-intelligence platforms will play a significant role in bulking out these defences, organisations need to shift their focus in 2016 from building platforms that just amass large quantities of security-related information, and instead to focus on the actionable intelligence they can produce.

Companies "should not be impressed by the amount of threat data their security vendors can provide," the analysis warns, "even if it implies that the data is comprehensive. So far, the emphasis has been on the easier data gathering option [but] little of this data can be made into useful intelligence unless there is relevant and actionable context.

"2016 should be the year when actionable information is turned into genuinely useful threat intelligence," it adds, noting that security organisations need to achieve "trusted partner status.... Discussions should always focus on the prioritisation of threats that are relevant to the business, its operations, and its assets."

Ovum also forecasts a strong role for identity and access management (IAM) technologies, which have matured considerably in recent years and have become what the firm calls a "cornerstone technology" for provisioning and controlling access to business systems. The coming year will, Ovum's analysis concludes, see a greater analysis on the "digital user lifecycle" – mediated by a robust IAM framework and enhanced by continued improvements to tools that already exist in the market in one form or another.

The existence of such tools adds to the impetus for IT-security decision makers to embrace security technologies and build them into all forward planning – particularly if companies are looking to take advantage of the Internet of Things (IoT), in which case they should "think security from day one" and mandate that all endpoint and network security tools be equipped to secure such an environment. This mandate, as part of the effort to build the digital user lifecycle into corporate security practices, is likely to change procurement relationships and approaches. Those organisations that would be most successful in this change would, in turn, be best positioned to leverage their increasingly responsive security practice into a corporate information asset.

Join the CSO newsletter!

Error: Please check your email address.

Tags distributed denial of service (DDoS) attacksthreat-intelligencesecurity datasecurity solutionsloud access security broker (CASB) technology

More about Ovum

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by David Braue

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts