Three security predictions from Kai Grunwitz, Senior Vice President EMEA, NTT Security:

 Three security predictions from Kai Grunwitz, Senior Vice President EMEA, NTT Security:
07.11.2017 10:13 am

Three security predictions from Kai Grunwitz, Senior Vice President EMEA, NTT Security:

Cloud , Security

1. DevSecOps in the age of the cloud

DevOps is an increasingly popular development practice allowing organisations to increase the speed at which they produce apps and services. An unfortunate side effect of this process is that you might also be accelerating the production of insecure code and bugs, with the potential to cause a serious financial and reputational hit if not managed correctly. 

In an increasingly cloud- and mobile-first world, it will become essential to also bake in security to this process: thus, DevOps becomes DevSecOps. Embracing an application lifecycle approach in this way will end up saving organisations time and money – because problems are always easier to solve when security is addressed as far “left” in the lifecycle as possible. It will not be an easy shift for many security professionals, but third-party expertise will help overcome cultural resistance and arm organisations with the right processes and automated toolsets to drive success.

2. Machine learning and managed security

Machine learning, AI and automation have the potential to plug chronic security skills shortages and transform threat defence by spotting sophisticated advanced attacks and zero-day threats. Whatever the industry marketing hype might have you believe, machine learning is actually far from new – in fact, NTT Security has been using it for 15 years. 

Machine learning is not a silver bullet and should instead be used as part of a layered approach to threat prevention. But it can spot patterns, which human eyes might miss. That said, it shouldn’t be seen as a replacement for human expertise. Part of the value we offer is in arming Security Operations Centre experts with machine learning tools. The automated tools find the needle in the haystack, but then it’s vital to get human eyes on that needle to analyse it further. 

These kinds of capabilities are set to drive a surge in managed security services (MSS) next year and beyond. According to our Risk:Value 2017 report 30% of UK organisations are using or planning to use an MSSP, with 31% claiming this is because of lack of internal skills and 27% because they want access to better technology. 

3. From tech- to business-driven security

Security professionals love to talk bits and bytes, sometimes even “out-geeking” the rest of the IT department. But we are already seeing a change take place, and it is a necessary change: in fact, it’s a question of digital survival. Put simply, security strategy must be aligned to business strategy or vital digital transformation projects will fail and the business will become irrelevant. Some 85% of business leaders believe they only have two years to make progress in their digital transformation programmes before they fall behind their competitors.

PS: Honourable GDPR mention

Finally, 2018 will be the year when the GDPR (25 May) and NIS Directive (9 May) come into force. I won’t add to the thousands of opinions already circulating about this, but suffice to say, it’s vital to get your compliance house in order asap. If organisations are having trouble getting the Board’s attention, remind them of the maximum fines for non-compliance: £17m or 4% of global annual turnover, whichever is higher.

Related News

Mettle by NatWest offers FreeAgent free of charge

Mettle, NatWest’s free standalone digital business account, has announced that FreeAgent, the cloud based accountancy software for small businesses, is available free of charge... Read more »

Nutanix Partners with Udacity to Offer Hybrid Cloud Nanodegree Programme

Nutanix (NASDAQ: NTNX), a leader in enterprise cloud computing, today announced a partnership... Read more »

SIX partners with Crux Informatics to deliver core datasets in a cloud-based platform

SIX, the Swiss financial data expert, announces its partnership with Crux Informatics to provide a state-of-the-art managed market data solution which removes... Read more »

Alibaba Cloud and Multi-Lingual Support from the Global MediXchange of Combating Covid-19 (GMCC) programme

Over 440 medical institutions from 104 countries and regions have applied to learn and share experiences in battling COVID-19 through the ... Read more »

Creatio Offers its Products for Free to Organizations Fighting Against COVID-19

Creatio, a global software company providing a leading low-code platform for process management and CRM, is announcing a new initiative aimed at helping businesses fight... Read more »

The National Bank of Canada accelerates the deployments of Murex at scale on Amazon Web Services

Murex, the global leader in trading, risk and processing solutions for capital markets, is pleased to announce that its customer, National Bank of Canada (NBC), migrated its on... Read more »

Magazine
ALL
Free Newsletter Sign-up
+44 (0) 208 819 32 53 +44 (0) 173 261 71 47
Download Our Mobile App
Financial It Youtube channel