Chief Information Security Officers share their 2016 information security predictions
Security Current, a Tenafly, NJ-based information and collaboration company by CISOs for CISOs, announced on December 29 that it has published a collection of leading CISO’s cybersecurity 2016 predictions for 2016.
More than 25 CISOs weighed in, with many anticipating 2016 will bring more orchestrated attacks, such as “business email compromise,” and incident response will remain a key focus for enterprises. They also anticipate a rise in investments in risk mitigation programs and integrated threat intelligence and analysis capabilities.
“Companies not only need to have solid incident response plans but also need to gain deep visibility into what is happening inside their IT environment, as you can’t respond to something you don’t know about,” FLEETCOR CISO Wayne Proctor advises. “Enhancing security visibility will be the primary driver for security spend in 2016. Primary solutions to help enhance visibility include: advanced threat identification, next generation SIEM, threat feeds and data analytics.”
CISOs predict the evolving threat landscape will not impact new technology and services adoption.
“In 2015 from a technology point of view, social, mobile, big data and cloud transitioned from buzz words to the new normal,” said IBM Cloud & SaaS Operational Services CISO David Cass. “In 2016, cloud will be about leveraging new capabilities rather than just a cost savings. Analytics and cognitive capabilities will see rapid growth as organizations look at their big data for new insights.”
CISOs also see greater adoption of cybersecurity insurance to address growing liability associated with breaches.
“Breaches in the past couple of years have wreaked havoc on many brands and reputations,” Delta Dental of New Jersey Information Security Head Roota Almeida said. “Due to this, the board and the C-suite will have an appetite for offloading the risk to insurance providers. Cyber insurance will gain velocity and popularity in the coming year.”
Other top-of-mind issues include public-private partnerships and knowledge sharing, the saturated technology market, elimination of passwords as a viable method of authentication and the pervasive challenges in recruiting/retaining security talent.
Source: Security Current