T?V Rheinland and OpenSky: The Cyber Security Trends of 2017

In 2017, the year of cloud security solutions and increased pressure to update legacy cyber security strategies, a change in paradigms is necessary. Cyber security has to be considered a business enabler, and no longer a cost driver.

  • 7 years ago Posted in
What will be the main themes of cyber security in the next twelve months? One thing is evident: We are in the midst of an era of significant data breaches. Frank Luzsicza, EVP, Information and Communication Technology at T?V Rheinland, is convinced that "the amount and availability of sensitive information about people and connected systems will inevitably lead to increased pressure to update legacy cyber security risk strategies to the new attack surface". The Cyber Security Trends of 2017 from T?V Rheinland and OpenSky provides a deeper examination of these topics. They reflect the assessment of the current developments from its leading cyber security experts in North America, Europe and IMEA regions.
 
 
 
 
1. The force of the attacks is increasing. Who is responsible?
Additional waves of attack will follow, but there will be an increased strength behind these attacks. This raises central questions about the protection of networked devices, IT/OT networks, and connected infrastructures: Who is responsible when cyber security measures are not sufficient? Do organizations need to further tighten their requirements and governance controls?
 
 
 
 
2. The Internet of Things (IoT) requires mandatory security standards.
 
Smart devices are becoming increasingly popular – simultaneously the protection of consumer privacy is becoming more urgent. Manufacturers of networked devices will have to introduce higher security standards. Voluntary or mandatory cyber security verification and certification for IoT devices will become more likely before their market launch.   
 
 
 
3. 2017 will be the year of cloud security solutions.              
 
Customer sensitivity to integrated cloud services and IT network security is increasing. Security solutions that monitor the network traffic between the cloud service client and the cloud service provider are in increasingly high demand. Furthermore, the cloud becomes increasingly the source for security solutions including real-time security analysis and the detection of anomalies by artificial intelligence (machine learning), but also for security data analytics managed services and incident response advisory services.
 
 
 
4. The new perfect couple: IAM and the cloud.
 
IAM and the cloud are becoming the new organizational perimeter. Cloud strategies will be closely interwoven with the fields of law, access and password management. The result is a consistent user and authorizations management, using roles in addition to a secure and user-friendly authentication.
 
 
 
5. Preferred targets: Patient records and medical devices.
 
Hackers will target the healthcare sector with increasing frequency in 2017. Medical facilities will need convincing answers to the questions surrounding improved protection of networked medical devices and sensitive patient data. Additionally, as data protection requirements in Europe continue to tighten, manufacturers of medical devices will continue enlisting independent third parties for security audits.
 
 
 
6. Managed security services: You won?t protect your organization without them.
 
Many organizations still view the subcontracting of cyber security to external partners with a critical eye. In light of the continuing lack of talent, trust in competent cyber security partners will become one of the most important success factors to protecting organizations, due in part to the growing number of internal offenders.
 
 
 
7. Industry 4.0: Integrating Functional Safety and Cyber Security
 
Now more than ever, the unauthorized access exposes industry systems and critical infrastructures to safety and security risks. Since IT is an essential part of manufacturing, functional safety and cyber security will have to work together to secure data exchange, and to ensure availability and reliability of networked systems. Networked industry (Industry 4.0) organizations, in particular, will have to consider the safety and security of their products across the entire life cycle and continuously monitor them for potential risks.
 
 
 
8. Key Factor Endpoint Security
 
Terminal devices, such as servers, laptops, mobile phones and tablets, desktop computers, etc. are among the easiest gateways for attackers to capture. Solutions limited to filtering suspected malicious content (i.e. Anti-Virus, Anti-Malware) at the endpoint, no matter how “intelligent”, will not suffice. Gaining visibility into real-time threats by monitoring and correlating with other events across the enterprise will offer superior protection against potential attacks.
 
 
 
9. The end of the silo mentality? eGRC and IT GRC are coming together.
 
The integrated view of IT and business risks does not only improve the regulatory reporting; it allows for an unbiased view of actual risk exposure and the protected organization’s values. Additionally, integrating eGRC and IT GRC enables management to achieve a higher decision quality within the organization. These tactics are of vital importance to organizations when considering tightened legal requirements, such as the EU data protection basic regulation, and the protection of intellectual property.
 
 
 
At T?V Rheinland and OpenSky, we believe senior management plays a key role in securing their organizations from both internal and external threats. According to Tom Hazen, President at OpenSky, "Cyber security must be part of each business case and cannot be viewed only as a pure cost driver. Ideally, cyber security becomes a risk consultation and also a business enabler"
By Barry O'Donnelll, Chief Operating Officer at TSG.
The cloud is the backbone of digital cybersecurity. By Walter Heck, CTO HeleCloud
By Milou Lammers, Director of Compliance, iland.
By Brett Beranek, Vice-President & General Manager, Security & Biometrics Line of Business at...
By Michael Queenan, co-founder and CEO of Nephos Technologies.
By Tawnya Lancaster, Lead Product Marketing Manager, AT&T Cybersecurity.
Why businesses need a bigger boat for tackling IaC security By Robert Haynes, SCA & Open Source...
Cybersecurity continues to be a major challenge for companies, with as many as four in ten...