Gartner Forecasts Worldwide Security Spending Will Reach $96 Billion in 2018, Up 8 Per Cent from 2017

Gartner, Inc. forecasts worldwide security spending to total $96.3 billion in 2018, an increase of 8 per cent from 2017. Organisations are spending more on security as a result of regulations, shifting buyer mindset, awareness of emerging threats and the evolution to a digital business strategy.

“Overall, a large portion of security spending is driven by an organisation’s reaction toward security breaches as more high profile cyberattacks and data breaches affect organisations worldwide,” said Ruggero Contu, research director at Gartner. “Cyberattacks such as WannaCry and NotPetya, and most recently the Equifax breach, have a direct effect on security spend, because these types of attacks last up to three years.”

This is validated by Gartner’s 2016 security buying behaviour survey*. Of the 53 per cent of organisations that cited security risks as the No. 1 driver for overall security spending, the highest percentage of respondents said that a security breach is the main security risk influencing their security spending.

As a result, security testing, IT outsourcing and security information and event management (SIEM) will be among the fastest-growing security subsegments driving growth in the infrastructure protection and security services segments (see Table 1).

Table 1

Worldwide Security Spending by Segment, 2016-2018 (Millions of Current Dollars)

Segment 2016 2017 2018
Identity Access Management 3,911 4,279 4,695
Infrastructure Protection 15,156  16,217  17,467
Network Security Equipment 9,789  10,934  11,669
Security Services 48,796  53,065  57,719
Consumer Security Software 4,573  4,637  4,746
Total 82,225 89,133 96,296

Source: Gartner (December 2017)

Gartner analysts said that several other factors are also fuelling higher security spending.

Regulatory compliance and data privacy have been stimulating spending on security during the past three years, in the US (with regulations such as the Health Insurance Portability and Accountability Act, National Institute of Standards and Technology, and Overseas Citizenship of India) but most recently in Europe around the General Data Protection Regulation coming into force on 28th May 2018, as well as in China with the Cybersecurity Law that came into effect in June 2016. These regulations translate into increased spending, particularly in data security tools, privileged access management and SIEM.

 

Gartner forecasts that by 2020, more than 60 per cent of organisations will invest in multiple data security tools such as data loss preventionencryption and data-centric audit and protections tools, up from approximately 35 per cent today.

Skills shortages, technical complexity and the threat landscape will continue to drive the move to automation and outsourcing. “Skill sets are scarce and therefore remain at a premium, leading organisations to seek external help from security consultants, managed security service providers and outsourcers,” said Mr Contu. “In 2018, spending on security outsourcing services will total $18.5 billion, an 11 per cent increase from 2017. The IT outsourcing segment is the second-largest security spending segment after consulting.”

Gartner predicts that by 2019, total enterprise spending on security outsourcing services will be 75 per cent of the spending on security software and hardware products, up from 63 per cent in 2016.

Enterprise security budgets are also shifting towards detection and response, and this trend will drive security market growth during the next five years. “This increased focus on detection and response to security incidents has enabled technologies such as endpoint detection and response, and user entity and behaviour analytics to disrupt traditional markets such as endpoint protection platforms and SIEM,” said Mr Contu.

Gartner analysts will further discuss where to deploy technology to add value to security, risk and privacy programmes at the Gartner Identity & Access Management Summit, 5-6 March 2018 in London. Follow news and updates from the events on Twitter using #GartnerIAM.

(85)

Share

New Locky-like ransomware named ‘Scarab’ found by PhishMe

New ransomware – named Scarab – has been observed by PhishMe.  While it shares some similarities in behaviour and distribution with Locky, there are also some distinct differences. First, Scarab does not present a ransom amount with its encryption message, instead it instructs victims on how to negotiate with the operators. Second, Scarab reports newly infected machines via a service that collects click statistics on opened or viewed artifacts, as opposed to using command and control resources.

Aaron Higbee, co-founder and CTO of PhishMe, comments:

“It is unsurprising that hackers would use similar characteristics to one of 2016’s most prolific malware campaigns in the new Scarab campaign – even down to the Game of Thrones references.  In some ways, this will make security teams better prepared should they face a Scarab ransomware attack, but given the persistence and disruption caused by Locky, makes it even more important to understand how the ransomware differs.

“The negotiation process encouraged by the Scarab ransomware is particularly interesting.  While entering into negotiations definitely makes it more likely that a ransom of some kind will be paid, it also allows them to fluctuate demands depending on the value of Bitcoin at that time.

“Taking note of the evolution of ransomware is vitally important to bolster the knowledge of security teams in preparation for the next attack.  To have a full picture, however, employees need to be encouraged to identify and report potential attacks, as without this first line of defence, the damage may have already been done.”

(643)

Share

Top 10 IT Security Predictions for 2018

By Ian Kilpatrick, EVP (Executive Vice-President) Cyber Security for Nuvias Group

Security blossoms in the boardroom

Sadly, security breaches will continue to be a regular occurrence in 2018 and organisations will struggle to deal with them. New security challenges will abound and these will grab attention in the boardroom. Senior management is increasingly focusing on security issues and recognising them as a core business risk, rather than the responsibility of the IT department alone. The coming year will see further commitment from the boardroom to ensure that organisations are protected.

Ransomware has not gone away

Too much money is being made from ransomware for it to disappear – it won’t. According to Cyber Security Ventures, global ransomware damage costs for 2017 will exceed US$ 5 billion, with the average amount paid in ransom among office workers around US$ 1400. Companies can help prevent ransomware by tracking everything coming in and out of the network and running AV solutions with anti- ransomware protection. And, of course, you should do regular backups to a structured plan, based around your own business requirements – and make sure you test the plans.

IoT – a security time-bomb

IoT is a rapidly growing phenomenon which will accelerate in 2018, as both consumers and businesses opt for the convenience and benefits that IoT brings. However, manufacturers are not yet routinely building security into IoT devices and 2018 will see further problems generated through the use of insecure IoT. IoT is a major threat and possibly the biggest threat to businesses in the coming years. Unfortunately, it is not easy, and in some cases impossible, to bolt on security as an afterthought with IoT, and many organisations will find it challenging to deal with the consequences of such breaches.   As IoT cascades through organisations’ infrastructures, it is likely to become the ultimate Trojan horse.

More from the Shadow Brokers

The Shadow Brokers, a hacker group which stole hacking tools from the American National Security Agency (NSA), created havoc in 2017 with the Wannacry ransomware episode. The group has already stated that it will soon release newer NSA hacking tools, with targets that might include vulnerabilities in Windows 10.

There will certainly be further episodes from them in 2018, so patch management, security and regular backups will be more crucial than ever. A major target of these hackers is the data that organisations hold, including PII (Personally Identifiable Information) and corporate data, so protecting the data ‘crown jewels’ inside the network will become ever more crucial.

GDPR – have most businesses missed the point?

The arrival of GDPR in May 2018 will, of course, be a big story. However, many organisations are missing the main point about GDPR. It is about identifying, protecting and managing PII – any information that could potentially identify a specific individual. This will become more important in 2018 and there will be considerable focus on identifying, securing and, where required, deleting PII held on networks.

GDPR Blackmail – the new ransomware?

Unfortunately, GDPR will give a great opportunity to criminals, hackers, disgruntled staff and anyone who might want to do an organisation harm. They simply have to ask you to identify what data you hold on them, ask for it to be erased, and ask for proof that it has been done. If you can’t comply, they can threaten to go public – exposing you to the risk of huge fines – unless you pay them money. Watch out for that one!

DDoS on the rise

It is now possible for anyone to ‘rent’ a DDoS attack on the internet. For as little as US$ 5, you can actually pay someone to do the attack for you! https://securelist.com/the-cost-of-launching-a-ddos-attack/77784/. This is just one of the reasons DDoS threats will continue to escalate in 2018, alongside the cost of dealing with them. The dangers of DDoS for smaller companies are that it will leave them unable to do business. For larger organisations, DDoS attacks can overwhelm systems. Remember that DDoS is significantly under-reported, as no-one wants to admit they have been under attack!

Cloud insecurity – it’s up to you

Problems with cloud insecurity will continue to grow in 2018 as users put more and more data on the cloud, without, in many cases, properly working out how to secure it. It is not the cloud providers’ responsibility to secure the information – it is down to the user. With the introduction of GDPR in 2018, it will be even more important to ensure that PII stored in the cloud is properly protected. Failure to do so could bring serious financial consequences.

The insider threat

Historically, insider threats have been underestimated, yet they were still a primary cause of security incidents in 2017. The causes may be malicious actions by staff or simply poor staff cyber-hygiene – i.e. staff not using the appropriate behaviour required to ensure online “health.” In 2018, there will be growth in cyber education, coupled with more testing, measuring and monitoring of staff behaviour. This increasingly involves training and automated testing, such as simulated phishing and social engineering attacks.

Time to ditch those simple passwords

In 2018, simple passwords will be even more highlighted as an insecure ‘secure’ method of access. Once a password is compromised, then all other sites with that same user password are also vulnerable. As staff often use the same passwords for business as they use personally, businesses are left vulnerable. While complex passwords do have a superficial attraction, there are many challenges around that approach and multi-factor authentication is a vastly superior method of access.

(127)

Share

Paragon Software Releases Free APFS for Windows Key Tool for Accessing APFS-formatted Storage on PCs

Paragon Software, a recognized data storage expert, releases APFS for Windows by Paragon Software (Preview), a driver which enables Windows users to access Apple File System (APFS) volumes on PCs. With APFS for Windows, users are able to instantly access APFS-formatted hard disk drives (HDDs), solid-state drives (SSDs), or flash drives directly on Windows PCs.

Introduced in 2016, APFS is Apple’s proprietary new file system released with macOS High Sierra. Designed for better efficiency, APFS replaces Mac OS Extended (HFS+) as the default file system for SSDs and other all-flash storage arrays. Currently, there is no way to read APFS partitions with the tools provided by Apple’s Boot Camp drivers or other Windows utilities. APFS for Windows by Paragon Software tackles this problem by enabling PC users to read APFS-formatted volumes from Windows.

How it works:

  1. Download and install Paragon APFS for Windows Preview from https://backstage.paragon-software.com/home/apfs-windows/.
  2. Connect an APFS-formatted drive to your PC.
  3. Go to Windows Explorer to browse your APFS drive, which will also be accessible from other programs.

Features:

  • Read-only access to APFS volumes on Windows PC;
  • Automount: Mounts APFS volumes automatically at startup;
  • Internationalization: Supports all character sets available in your operating system.

Availability: You candownload APFS for Windows by Paragon Software for free from https://backstage.paragon-software.com/home/apfs-windows/

(4857)

Share

Elbit Systems of America and Metropolitan State University Announce New Cyber Training and Simulation Center

Elbit Systems of America, LLC, announced that it will partner with Metropolitan State University to establish a new facility powered by the Cyberbit Range for the training and simulation of cybersecurity professionals at the Metropolitan State campus in Saint Paul, Minn.

Elbit Systems of America will provide the hardware, software, and technical expertise to operate the training and simulation environment. In turn, Metropolitan State will provide the facilities and expert instructors. The training program and Cyber Range is expected to commence training in the spring of 2018.

With reports of cyber-attacks on the rise and the demand for highly-qualified cybersecurity professionals greater than ever, Elbit Systems of America and Metropolitan State are addressing the challenges of accelerating the certification of new cybersecurity experts.

“We’re pleased to partner with Metropolitan State to bring advanced training and simulation capabilities into the University’s respected cyber lab,” commented Raanan Horowitz, president and Chief Executive Officer of Elbit Systems of America. “Trainees will benefit from unique and realistic simulation to support their certification and, ultimately, allow them to focus on keeping America’s infrastructures and businesses safe when they enter the workforce.”

“I am very pleased to launch the partnership with Elbit Systems of America. This agreement brings a cutting edge cybersecurity simulation-based training center to Metropolitan State University and to the State of Minnesota,” said Virginia Arthur, President of Metropolitan State University. “The new Cyber Range training facility, with its advanced cybersecurity curriculum, combined with Metropolitan State’s business, education and government partnerships will effectively help to ensure that many more Minnesotans are fully prepared to meet the demands of 21st-century jobs. We are proud that through our work with Elbit Systems of America, we will position the Minnesota State system of colleges and universities and the state of Minnesota to become a national center of excellence in cybersecurity education and practice.”

The training and simulation center will be powered by the Cyberbit Range, a solution developed by Cyberbit, an Elbit Systems’ subsidiary. Cyberbit Range is a widely-deployed cybersecurity training and simulation platform, currently training and certifying thousands of cybersecurity professionals in many training centers, including; RUAG in Switzerland, IABG in Germany; Ni Cybersecurity in Tokyo, Japan; ST Electronics in Singapore; Regent University in Virginia, US; The Baltimore Cyber Range in Maryland, US; and most recently ISE Systems in France. Cyberbit Range provides an up-to-date selection of simulated attack and ransomware scenarios. Trainees operate in real-life settings by accurately replicating their network setup, using their actual security tools and simulating their typical network traffic. The Cyberbit Range also includes a virtual and physical ICS/SCADA network training and cross-functional executive training.

(60)

Share