SAN FRANCISCO, Dec. 6, 2016 /PRNewswire/ -- Today, enSilo, the leader in real-time data protection platform, published the first of a seven-part series around 2017 cybersecurity predictions. Predictions encompass the complete lifecycle of security—evolving threats, the business market and U.S. legislation—and include practical strategies and tactics that businesses can adopt to help them protect their data in light of each prediction.
- "Ransomware authors will target mission-critical servers and PCs - within targeted departments. Ransomware attackers will have a well-thought out process in mind—from performing reconnaissance and building out the most effective attack vector to performing lateral movement—in order to hit the critical divisions and servers within the organization to ultimately make more money," said enSilo co-founder and CTO Udi Yavo. He also recommends organizations do four things to protect themselves: focus on increasing visibility into threats getting through the door, backup data regularly, share attack information and best practices and deploy technology to proactively protect against ransomware.
- "Security will move down the stack. In most cases, hardware vulnerabilities impact a broader audience (everyone that has the device) and cannot be simply fixed by applying a patch. Hardware-based attacks can also go undetected by a security solution residing on the software layer, which is why threat actors are increasingly exploiting related vulnerabilities. As such, in the year ahead, we'll see new security defense technology moving to the hardware level. Similarly, security teams within organizations will not be able to rely any longer solely on file inspection and will also need to ensure that protection goes beyond the endpoint," said Yavo.
- "As Flash phases out, JScript will take its place as the leading browser-exploitation vector. Attackers will continue to use browsers as their first choice of attack vehicle. After all, browser exploitation is still the most convenient attack vector since it requires less manual intervention and easily hits the masses," said Yavo. He recommends enterprises prepare for eminent infection by segmenting the network to block off communications from a threat actor to prevent lateral movement while applying practical whitelisting approaches such as application communication controls.
- "Customers will mandate the integration of both Endpoint Protection Platform (EPP) and Endpoint Detection and Response (EDR) capabilities into a single one-stop shop endpoint platform. The idea behind layering EPPs and EDRs is that everything missed by the EPP could be later detected by incident response analysts with EDR technologies that record all activity on the endpoint. Yet, EPPs are missing the unknowns, and EDRs are missing preventative capabilities. Customers are fed up with so many endpoint solutions that need to be layered on top of one another. They want the combination of an effective, manageable and actionable security solution. In fact, they will demand it in the year ahead," said enSilo co-founder and CEO Roy Katmor. He says organizations should demand purchase criteria from their endpoint security platform, including the fact that it's manageable, preventative, accurate, real-time, autonomous and frictionless with other business operations.
- "The Managed Security Services Providers (MSSPs) market will continue to grow as security vendors start to offer their own security services. This is already happening, but in 2017, MSSPs will grow to a point where security companies will need to enable managed services themselves or integrate and sell their products mainly via MSSPs," said Katmor. He recommends organizations ask that MSSPs deliver a strategy for security best practices, knowledge of applicable regulations, a deep understanding of the security landscape, forensics and remediation capabilities.
- "Enterprise network security will start shifting to the cloud, whereas network security will be offered as a service. Enterprises will be relieved to consolidate that cumbersome distributed network security burden by redirecting their corporate traffic and allowing the cloud-based network security services to apply and manage the security policies. Just like other services that moved to the cloud decreasing costs for customers, so will network security as a service reduce the overhead cost of purchasing and maintaining multiple physical firewalls," said Katmor. "As a result, network security vendors will start providing visibility into enterprise network traffic allowing security teams to perform quicker remediation and forensics."
Cybersecurity Policy Predictions
- "The new U.S. presidential administration will push for more laws and legislature around cybersecurity, but it will be ultimately ineffective. As record-breaking breaches rise and mass awareness of cybersecurity issues increase, there will undoubtedly be a surge of legislation proposed in 2017 to attempt to mitigate the risks. Due to difficulties with enforcement and attribution, such laws will be ultimately ineffective, leaving us in the same place we started," said Katmor
The full series of predictions and advice for enterprises will publish on enSilo's blog daily starting December 6, 2016 and running through December 14, 2016. They can be found via http://blog.ensilo.com/.
enSilo delivers a real-time data protection platform against advanced attacks by blocking in real-time any data-related malicious activity. enSilo's platform provides full forensics leading to the violation as well as remediation. With enSilo, organizations can continue running their businesses operations securely and without interruption, even during the investigation and remediation of attacks. enSilo is financially-backed by Lightspeed Venture Partners, Rembrandt Venture Partners and Carmel Ventures.
To view the original version on PR Newswire, visit:http://www.prnewswire.com/news-releases/ensilo-releases-2017-cybersecurity-outlook-for-businesses-to-stay-ahead-of-threats-300373389.html