By TI Inside
The Internet of Things (IoT) is expanding its space around the world, and an estimated 8.4 billion devices will be connected by 2017. This is the year of cloud security solutions - and also the rise in pressure. to update legal cyber security strategies.
The report 2017 Cybersecurity Trends & #8221;, from TÜV Rheinland and OpenSky - a TÜV Rheinland Group company providing digital security strategy solutions, has provided further analysis of security topics for this year.
Key issues related to IoT data security in 2017 involve:
1. The strength of the attacks is increasing. Who is responsible?
There will be additional waves of attack, but there will also be a greater force behind these attacks. This raises central questions about protecting networked devices, IT / OT networks and connected infrastructures: who is responsible when cyber security measures are not enough? Do organizations need to further tighten their governance requirements and controls?
2. The Internet of Things (IoT) requires mandatory security standards.
Smart devices are becoming increasingly popular. At the same time, protecting consumer privacy is becoming more urgent. Network device manufacturers will need to introduce higher security standards. IoT devices will be increasingly likely to undergo cyber security verification and certification processes prior to their market launch.
3. 2017 will be the year of cloud security solutions.
Customer sensitivity to integrated cloud services and IT network security is increasing. Security solutions that monitor network traffic between the client and the cloud service provider are increasingly in demand.
In addition, the cloud is increasingly becoming the source of security solutions, including real-time security analysis and artificial intelligence anomaly detection (#8220; machine learning & #8221;), but also for managed data analytics services. security and incident response consulting services.
4. The perfect new couple: AMI and the cloud.
Identity and access management (IAM) and the cloud are becoming the new organizational perimeter. Cloud strategies will be closely intertwined with the fields of law and access and password management. The result is consistent user management, #8220; things & #8221; and authorizations, using functions in addition to secure and user-friendly authentication.
5. Preferred Targets: Patient records and medical devices.
Hackers will frequently attack the healthcare industry in 2017. Medical facilities will need convincing answers to questions around improving protection of networked medical devices and sensitive patient data. In addition, as data protection requirements in Europe continue to tighten, medical device manufacturers will continue to use independent third parties for security audits.
6. Managed Security Services: You will not protect your organization without them.
Many organizations still view outsourcing cybersecurity by external partners with a critical eye. But trust in competent cyber security partners will become one of the most important success factors for protecting organizations, in part because of the growing number of internal violators. It is becoming less and less feasible for a company to maintain its own cyber security management framework.
7. Industry 4.0: Integrating Functional Security and Cyber Security
Now, more than ever, unauthorized access exposes industry systems and critical infrastructure to security risks. Because IT is an essential part of industrial processes, functional security and cyber security will have to work together to ensure data exchange and ensure the availability and reliability of networked systems. The connected industry (Industry 4.0), in particular, will need to consider the safety of their products throughout their entire life cycle. And these products will have to be continually monitored for potential risks.
8. Security of key factors at endpoints
Terminals such as servers, laptops, mobile phones and tablets, desktops, etc., are among the easiest hacking gateway. Solutions limited to endpoint filtering of suspicious malicious content (ie antivirus, anti-malware) will not be enough, no matter how smart & #8220; Gaining real-time threat visibility through their monitoring and correlation with other events happening in the enterprise will provide superior protection against potential attacks.
9. The end of the silo mentality? EGRC and IT GRC are coming together.
The integrated view of IT and business risk not only enhances regulatory reporting, it also enables an unbiased view of the organization's actual risk exposure and protected values. In addition, the integration of eGRC and IT GRC enables management to achieve higher decision quality within the organization. These tactics are of vital importance to organizations when considering stricter legal requirements, such as the basic EU data protection regulation and the protection of intellectual property.
