Menu
INSIGHT: What will the next 3 years of security threats look like?

INSIGHT: What will the next 3 years of security threats look like?

Web servers, social media and state-sponsored threats dominate the next three years in security threats.

Organisations face particular challenges from attacks getting lower and slower, slipping under the radar with a rogue approach (often called “snowshoeing”).

Take for example an attacker who monitors local ISP traffic and doesn’t trigger the enterprise’s threshold to be discovered.

It’s now become necessary for chief information security officers (CISOs) to focus on operational resilience and security sustainability.

Web server vulnerabilities will be first and foremost, according to Greg Young, research vice president at Gartner, in his session titled The Next Three Years in Threats at the Gartner Security & Risk Management Summit in National Harbor, Maryland.

“Web servers are this jack of all trades for bad guys to do bad things,” he reported.

Notably, web servers are increasingly used as a link in the kill chain for targeted attack. Shadow IT and mobile are also shifting to be the new vectors for spear phishing, with the Internet of Things (IoT) attack surface getting ever larger and more exploited.

Malware Trends

Existing vulnerabilities dominate malware lists and it’s important to close old known holes. However, manually distributed malware via social media and in response to phishing will be greatest growth category.

The actions of social media and owners of Android app store companies will drive the direction of social and mobile threats more than security companies.

For example, after a social media company was pressured to remove ISIS activity, 80 percent of ISIS traffic closed down overnight.

State-Sponsored Threats

State-sponsored technical spying isn’t new. There’s a lingering perception by technology companies and users that the government may be friend or foe.

By 2020, more than 10 percent of request for proposals (RFPs) for network security products and services will exclude vendors from China and the U.S.

In other words, state-sponsored attacks drive government procurement trends.

The Response: Sustainable and Resilient

“Get more resilient, because you will be attacked,” Young added. “Stop treating cloud as something different, good or bad. It’s an extension of the platform.”

Young added that business continuity is no longer separate from security and he stressed that it’s important to assess and update the threat landscape, not just the technology.

By Heather Levy - Gartner


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags social mediaGartnermalware

Events

Featured

Slideshows

Channel kicks 2021 into gear as After Hours returns to Auckland

Channel kicks 2021 into gear as After Hours returns to Auckland

After Hours made a welcome return to the channel social calendar with a bumper crowd of partners, distributors and vendors descending on The Pantry at Park Hyatt in Auckland to kick-start 2021.

Channel kicks 2021 into gear as After Hours returns to Auckland
The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards

Hundreds of leaders from the New Zealand IT industry gathered at the Hilton in Auckland on 17 November to celebrate the finest female talent in the Kiwi channel and recognise the winners of the Reseller News Women in ICT Awards (WIICTA) 2020.

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards
Show Comments