10 Hot Security Technologies Enterprises Need Now - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
IT Leadership // Security & Risk Strategy
News
7/21/2016
07:06 AM
Dawn Kawamoto
Dawn Kawamoto
Slideshows
100%
0%

10 Hot Security Technologies Enterprises Need Now

With security threats increasingly becoming more advanced, research firm Gartner outlines the top 10 technologies that should be deployed to take advantage of digital business opportunities while managing risk.
Previous
1 of 11
Next

(Image: TBIT via Pixabay)

(Image: TBIT via Pixabay)

Over the past 35 years, security technology offerings have come in five major "waves" of development -- each aiming to protect against the ever-changing methods of hackers and cyberthieves. The waves include:

  • firewall and anti-virus
  • intrusion prevention security technology
  • web app firewalls
  • end-point detection and response
  • machine learning security

But, unfortunately, the sophistication of threats continues to advance with growing frequency, duration, and impact.

In response, Gartner recently released a report, "Top 10 Technologies for Information Security in 2016," designed to help enterprises to take advantage of digital business opportunities while simultaneously managing risks.

These technologies build on previous security efforts enterprises have undertaken. Back in the 1980s, and through the 1990s, firewalls and antivirus technologies were by far the most pervasive form of security technologies companies deployed, Lawrence Pingree, a Gartner research director, told InformationWeek.

The firewall technologies emerged as attackers sought to gain access to unauthorized ports, while antivirus software sought to protect users as internet use became more widespread.

"It's been a game of tit for tat that has caused security software to evolve over time," Pingree said. Security vendors improve their products, and the hackers and cyber-criminals seek ways around the protections.

Intrusion prevention security was later developed as attackers sought ways to gain access to authorized ports, Pingree said. Dorothy Denning published an intrusion detection system model in 1986 according to IEEE. Enterprises needed a way to determine who had legitimate access to the ports from those who did not.

A third wave in security technology emerged with web application firewalls, as the use of web-based applications gained in popularity. Commercial products started appearing in 1999.

[See 10 Stupid Moves That Threaten Your Company's Security.]

Endpoint detection and response (EDR) security software emerged in 2013 as the fourth wave of security software, born out of a need to combat malware. Cyberthieves shifted malicious payload delivery tactics from using files with static signatures to one where the signatures would constantly change before they could be identified and blocked, Pingree explained.

Additionally, sandboxing is another recent security technique deployed, in which a similar system is created and the potentially malicious file is evaluated for its behavior, not its signature. Once the file's behavior is deemed good, by which is meant it doesn't try to create a buffer overflow or insert itself into a registry, it will later be assigned a signature and allowed to go into the intended system.

Machine learning security software is currently in its early stages, and is included in the fifth wave, Pingree said, adding that the software looks for similar or group files and events. For example, it is difficult to monitor thousands of separate security alerts that may occur within an hour and draw some conclusions of what is happening to an enterprise's system.

But machine learning can take this data and "connect the dots" to make sense of what security threat is happening and develop a priority list of what to tackle first, explained Pingree.

With this evolution of security software in mind, here are the top 10 information security technologies Gartner says businesses should adopt this year. Is your organization currently using any of these? Tell us about your experiences with locking down your systems in the comments section below.

Dawn Kawamoto is an Associate Editor for Dark Reading, where she covers cybersecurity news and trends. She is an award-winning journalist who has written and edited technology, management, leadership, career, finance, and innovation stories for such publications as CNET's ... View Full Bio

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Previous
1 of 11
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
GregW463
50%
50%
GregW463,
User Rank: Apprentice
7/27/2016 | 1:35:11 PM
Security Testing Market Will Grow to $1.2 billion by 2020
The best tools are meant to make developers' lives easier & better without Triage. 

"Security testing is widely used to triage new code development for security vulnerabilities. These tools help augment the developer's skills by automating the task of looking for application security flaws," Pingree said. He noted that Gartner estimates that the security testing market will grow to $1.2 billion by 2020, at a compounded average growth rate of 14.2%. It currently stands at $753 million.
Commentary
Will AI and Machine Learning Break Cloud Architectures?
Lisa Morgan, Freelance Writer,  6/10/2019
Slideshows
9 Steps Toward Ethical AI
Cynthia Harvey, Freelance Journalist, InformationWeek,  5/15/2019
Commentary
Humans' Fascination with Artificial General Intelligence
Guest Commentary, Guest Commentary,  6/6/2019
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
A New World of IT Management in 2019
This IT Trend Report highlights how several years of developments in technology and business strategies have led to a subsequent wave of changes in the role of an IT organization, how CIOs and other IT leaders approach management, in addition to the jobs of many IT professionals up and down the org chart.
Slideshows
Flash Poll