Over the past 35 years, security technology offerings have come in five major "waves" of development -- each aiming to protect against the ever-changing methods of hackers and cyberthieves. The waves include:
But, unfortunately, the sophistication of threats continues to advance with growing frequency, duration, and impact.
In response, Gartner recently released a report, "Top 10 Technologies for Information Security in 2016," designed to help enterprises to take advantage of digital business opportunities while simultaneously managing risks.
These technologies build on previous security efforts enterprises have undertaken. Back in the 1980s, and through the 1990s, firewalls and antivirus technologies were by far the most pervasive form of security technologies companies deployed, Lawrence Pingree, a Gartner research director, told InformationWeek.
The firewall technologies emerged as attackers sought to gain access to unauthorized ports, while antivirus software sought to protect users as internet use became more widespread.
"It's been a game of tit for tat that has caused security software to evolve over time," Pingree said. Security vendors improve their products, and the hackers and cyber-criminals seek ways around the protections.
Intrusion prevention security was later developed as attackers sought ways to gain access to authorized ports, Pingree said. Dorothy Denning published an intrusion detection system model in 1986, according to IEEE. Enterprises needed a way to distinguish those who had legitimate access to the ports from those who did not.
A third wave in security technology emerged with web application firewalls, as the use of web-based applications gained in popularity. Commercial products started appearing in 1999.
Endpoint detection and response (EDR) security software emerged in 2013 as the fourth wave of security software, born out of a need to combat malware. Cyberthieves shifted malicious payload delivery tactics from files with static signatures to files whose signatures would constantly change before they could be identified and blocked, Pingree explained.
Sandboxing is another recently deployed security technique, in which a similar system is created and the potentially malicious file is evaluated for its behavior, not its signature. Once the file's behavior is deemed good, meaning it doesn't try to create a buffer overflow or insert itself into a registry, it is then assigned a signature and allowed to go into the intended system.
Machine learning security software is currently in its early stages, and is included in the fifth wave, Pingree said, adding that the software looks for similar or grouped files and events. For example, it is difficult to monitor thousands of separate security alerts that may occur within an hour and draw conclusions about what is happening to an enterprise's system.
But machine learning can take this data and "connect the dots" to make sense of what security threat is happening and develop a priority list of what to tackle first, explained Pingree.
With this evolution of security software in mind, here are the top 10 information security technologies Gartner says businesses should adopt this year.

Dawn Kawamoto is an Associate Editor for Dark Reading, where she covers cybersecurity news and trends. She is an award-winning journalist who has written and edited technology, management, leadership, career, finance, and innovation stories for such publications as CNET's ...