Each year, organisations increase spending on cybersecurity protection to keep their businesses, their data, and their users safe.
Ovum research indicates that 2016 spending is set to exceed $US37 billion.
“As threat levels increase, corresponding purchase responses are made,” says Andrew Kellett - Research Analyst, Ovum.
“In effect, what we are seeing is an escalation of the cybersecurity arms race, with security intelligence and analytical capabilities being utilised to map the threat landscape, identify new and recurring threats, and take action against them.”
According to Kellett, new defences will include technologies designed to identify and address the risky actions that users are taking and the unauthorised, often cloud-based facilities they are choosing to use.
“Keeping business data and users safe is a key issue,” he adds.
“As such, there will also be far more interest in the control elements of security that define what users are allowed to do - what on-premise and cloud-based facilities and services they can and cannot use, which data resources they are allowed to access, and where that data can be kept.”
In 2016, Kellett believes cybercrime, state-sponsored activities, and advanced persistent threats (APTs) will continue to make headlines.
“Social engineering that targets human frailties will continue to put business systems at risk,” Kellett adds.
“But at the same time, a large percentage of organisations will be breached by not-so-special, commercially available malware, whose availability at bargain-basement prices on the Dark Web has significantly reduced the barriers to entry into the world of hacking.
“Therefore, detection and remediation tools that can spot all types of malware and reduce recovery timelines after a breach will continue to play an important role.”
For Kellett, the newer elements of technology including cloud and mobile will still cause concern.
“Their use and interaction with other developing areas of business activity, such as shadow IT and Internet of Things (IoT), will add to the need for improved levels of user and data protection,” he explains.
“Further improvements to operational defences will be needed to deal with the evolution and growth of distributed denial-of-service (DDoS) attacks and the re-emergence of ransomware activity, both of which are targeting at-risk business systems.”
Going forward, Kellett believes that identity and access management (IAM) will continue to be the cornerstone technology for provisioning and controlling access to business systems and for building working relationships between businesses and their clients.
“There will be greater emphasis on the “digital user lifecycle” in 2016 as IAM usage extends across and beyond the enterprise to support the authentication, ease-of-access, and security requirements of everyone from consumers to privileged corporate users,” Kellett adds.