Top key threats, strong trends and promising technologies. Gartner forecasts for the next few years

    We constantly monitor new trends, opinions and publications on information security. All this amount of information is systematized and “laid out” by product niches. As a result, a single picture is formed of how analysts see our future with you. We decided to share another summary of the most interesting and strong trends, which Gartner speaks about in his reports and presentations. This information is useful to some people for speeches, someone - to justify budgets, and someone simply allows them to “check the clock” with the industry and be aware of what is now considered the “hot” topics themselves.

    So where, according to Gartner, is the industry heading?



    Security Operation Center and Managed Security Providers Service


    • By 2020, 65% of MSSP providers will offer services to detect and counter cyber attacks.
    • By 2020, 60% of corporate budgets for information security will be spent on quickly identifying and responding to cyber attacks (in 2016 this figure did not exceed 30%).

    User Entity and Behavior Analytics (UEBA) and Security information and event management (SIEM)


    • By 2018, at least 30% of large SIEM vendors will include in their solutions deep analytics and UEBA functionality.
    • By 2018, a quarter of all information security solutions used to identify threats will have built-in deep analytics modules.
    • By 2018, predictive analysis will be built into at least 10% of all UEBA solutions.
    • By 2018, at least 4 acquisitions of UEBA vendors by companies producing SIEM-, DLP- or other information security solutions are expected.
    • By 2020, at least 60% of the largest CASB vendors (cloud access security broker) and 25% of the largest SIEM and DLP vendors will integrate UEBA functionality into their solutions through acquisitions, technology partnerships or their own developments.
    • By 2020, less than 5 independent UEBA vendors will remain on the market, while others will focus on narrower IS tasks.

    Access Control Systems (IdM)


    • By 2018, 25% of organizations - today only 5% of them - will reduce the number of data leaks by controlling privileged user sessions.
    • By 2018, half of organizations will use alternative authentication methods instead of passwords (now such 20%).
    • By 2019, 40% of projects for the implementation of access control systems will be implemented according to the SaaS model (today the share of such projects is 10%).

    Information Leakage Prevention (DLP)


    • By 2018, 40% of large companies will deal with data leaks by controlling the use of cloud storage and mobile devices, bypassing the traditional DLP model.
    • By 2018, 90% of organizations will use DLP in one form or another (as opposed to the current 50%).
    • By 2018, less than 10% of organizations using DLP will be able to boast that they have a model for managing information security (now their number is close to zero).

    Web Application Firewalls (WAF)


    • By the end of 2020, the share of public web applications using WAF as a cloud service or as virtual software will increase from 25% to 70%.
    • At least until 2020, the market for security gateways for small and large businesses will remain a separate niche.

    Vulnerabilities, Threats, and Incidents


    • By 2018, 40% of large organizations will have a clear plan to counter cyber attacks aimed at undermining business (now, according to Gartner, almost no one has a well-organized and formalized plan of action in the event of an attack).
    • Due to the inability of information security departments to manage risks, by 2020, 60% of companies doing business on the Internet will suffer from serious problems with the availability of services.
    • By 2020, a third of successful cyberattacks will be in shadow IT.
    • Until 2020, 99% of exploited vulnerabilities will remain known to IT / IS services for at least a year (i.e., the speed of detecting vulnerabilities will still be far ahead of the speed of their removal).
    • By 2020, organizations where IT services allocate budgets for information security will suffer from security gaps three times more often than companies where the cost of information security is determined by management.
    • By 2020, high-level cybercriminals will be able to break into 90% of companies that defend themselves with advanced analytical systems.

    To summarize, we can say that Gartner predicts a great future for User Entity and Behavior Analytics and, of course, the migration of everything to the clouds.

    For the Russian market, the UEBA topic is still quite new, but a number of vendors are already demonstrating interest in these developments. Gartner sees great promise in using UEBA in DLP and SIEM systems (predictably), and also predicts that by 2020, every fourth such solution will have UEBA modules. Given that Russian companies can hardly count on the takeover of Western UEBA vendors, we can only wait for Russian developments in this area.

    On the contrary, they have been talking about the transition of information security solutions to the clouds for a long time, and we see a move in this direction from customers, but so far slower than Gartner predicted. Here the difficulty lies not so much in the distrust of customers as in the reluctance of many vendors to switch to the cloud model.

    Well, and with great pessimism, Gartner is looking at the level of security of companies from cyber attacks. Untimely response to IS threats, shadow IT, the submission of information security to the IT service - all these pain points are named correctly and, alas, are very, very well known to Russian organizations. But, of course, I would like to hope that here analysts are mistaken, and companies will approach information security more carefully, responsibly and systematically.

    Also popular now: