• United States



Contributing Writer

3 advanced prevention technologies expected to grow in 2018

Dec 08, 20173 mins
AuthenticationNetwork SecuritySecurity

New technologies will help organizations decrease the attack surface and simplify security operations.

istock 479801072
Credit: matejmo

Last week, I described how 2018 will be the year of advanced prevention. Now, we’ve had technologies for blocking cyber attacks and malware for decades (i.e. antivirus software, firewalls, IPS, etc.), so what exactly is advanced prevention? I believe advanced prevention sits at the intersection of two other cybersecurity trends:

  1. Software-defined security functionality. Software-defined everything makes it easier to deploy, configure, and scale security controls.
  2. Artificial intelligence. AI uses algorithms to comb through mountains of data to increase detection/blocking efficacy, provide granular risk scoring, and fine-tune decision making. 

In the past, many security controls were based upon rules/heuristics and often required ample time for deployment, configuration, customization, etc. When the two advanced prevention trends come together, they produce security controls that are easier to deploy, easier to operate, and offer more accurate detection/blocking rates. Thus, organizations can deploy advanced prevention controls, decrease the attack surface, reduce security noise, and focus precious human resources on high-value tasks.

3 more advanced prevention technologies to watch

I highlighted five advanced prevention technologies in my last blog: Next-generation endpoint security software, threat intelligence gateways, secure DNS, micro-segmentation, and intelligent application controls. Here are a few more for consideration:

  1. Software-defined perimeter (SDP) technologies. As I’ve written before, no one has an SDP budget right now, but everyone has an SDP requirement. This is because SDP is built specifically for cloud and mobility. What SDP really does is modernize the concept of a VPN by setting up a secure tunnel between users/devices and applications regardless of their location. Users get the convenience of direct connection to applications and services, while CISOs gain the security benefits of “zero-trust” networking. In this way, SDP qualifies as advanced prevention because it enforces RBAC rules, limiting approved users’ purview of the network at large. I’m following many SDP providers, including Cyxtera (formerly Cryptzone), Google (BeyondCorp), Vidder, ScaleFT, and Zscaler. Oh, and I fully expect Cisco to jump in with both feet in 2018, as well.
  2. Risk-based intelligent vulnerability management. Despite years of innovation and VC investment, vulnerability management remains one of the biggest operational challenges for most organizations. Why? It’s a numbers game — large enterprises have thousands of systems with different software revisions and configurations deployed across global networks. How do you prioritize patching activities when CVE scores and vulnerability scanning tools report thousands of high-priority incidents requiring immediate remediation? In the past, we used analogue tuning to define which systems were considered mission-critical, but this didn’t provide a level of useful granularity. Fast forward to 2018, and risk-based intelligent vulnerability management tools can consume terabytes of configuration data, asset data, vulnerability data, and threat intelligence to create a fine-grained analysis of which systems really need immediate patching. Risk-based intelligent vulnerability management qualifies as advanced prevention because it can be used to decrease the attack surface while streamlining operations. I’m following Kenna Security in this area but expect others to follow.
  3. Smart phone-based multi-factor authentication (MFA). OK, this one has been around for a few years, but ESG research from my colleague Mark Bowker indicates that it is gaining momentum. While 28 percent of organizations already use smart phone-based MFA, 55 percent are either piloting, evaluating, or planning to use this technology in the future, making 2018 a pivotal year. Smart phone-based MFA will complement the software-defined technology described above to further decrease the attack surface. Vendors such as CA, Duo, Okta, RSA, SafeNet, and Symantec will play here.

I’ll be reporting on other advanced prevention technologies and trends throughout 2018. Stay tuned.

Contributing Writer

Jon Oltsik is a distinguished analyst, fellow, and the founder of the ESG’s cybersecurity service. With over 35 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies. Jon focuses on areas such as cyber-risk management, security operations, and all things related to CISOs.

More from this author