5 emerging security technologies set to level the battlefield
The war between those who defend data and those who steal data has been labeled a cat and mouse game. Just when the white hats counter one method the black hats use, another nasty form rises from the ashes. What can be done to tilt this in favor of the information security warriors? These five emerging security technologies may help with that.
Data privacy regulations like GDPR and CCPA are now the new norm in this industry. They are aimed at protecting consumers.
1. Hardware authentication
Usernames and passwords are very easily compromised. A more secure method of authentication is required. One emerging method is to use hardware to do authentication. One major manufacturer, Intel, is moving in that direction with the Authenticate solution, which is now in its sixth generation Core vPro processor. This hardware can combine a variety of hardware-enhanced factors at the same time to validate a user's identity.
Intel now has a dedicated portion of the chipset for security functions to make the device part of the authentication process. The industry experts agree that good authentication requires three things from users: something they know, like a password, who they are, like a username, and what they have, like a token. In the case of Authenticate, the device becomes the what-you-have.
Hardware authentication can be particularly important for the Internet of Things (e.g., smart home devices), where a network wants to ensure that the thing trying to gain access to it is something that should have access to it.
Despite this, experts acknowledge that the most pressing application for this technology is authenticating an endpoint in a traditional IT environment. This includes laptops, desktops and mobile devices.
2. User-behavior analytics
If someone's username and password get compromised, the person who has that information can get into a network and engage in a lot of malicious behavior. That behavior can trigger red flags for system defenders if they are employing user behavior analytics (UBA). The technology uses big data analytics to identify anomalies in user behavior.
Most security professionals see user behavior as a huge concern. They watch that activity closely to determine if there might have been a breach of security.
This technology addresses a blind spot in enterprise security. As an attacker gains entry into an enterprise system, what do they do next? They attempt to compromise credentials. This gives rise to a question: Can you tell the difference between a legitimate user's activity and an attacker who has compromised a legitimate user's credentials?
Being able to see whether a user's activity fits the normal behavior of a legitimate user can bring attention to the previously existing blind spot in the middle of the attack chain. This is of great interest to security professionals, as they have historically not had good visibility into the middle of the attack chain.
Comparing behavior isn't the only way a UBA can identify a hacker. Through the use of something called “peer analysis,” experts can compare how someone is behaving with how people with the same manager or in the same department behave. A marked difference becomes an indicator that the person is doing something they shouldn't.
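Peer analysis as described above, shown as an added example that is not part of the original article. The activity counts, user names, the 3.5 threshold and the choice of a median-based score are all assumptions made for this sketch.

```python
from collections import defaultdict
from statistics import median

# Constructed sample: (user, department, files_downloaded_today)
ACTIVITY = [
    ("alice", "finance", 14), ("bob", "finance", 11), ("carol", "finance", 16),
    ("dave", "finance", 12), ("erin", "finance", 240),
    ("frank", "engineering", 310), ("grace", "engineering", 280),
    ("heidi", "engineering", 295), ("ivan", "engineering", 330),
]

def peer_outliers(activity, threshold=3.5, min_peers=4):
    """Flag users whose activity deviates strongly from their department peers.

    Scores use the modified z-score (median and median absolute deviation),
    so a single extreme user cannot drag the peer baseline toward themselves
    the way a mean and standard deviation would allow.
    """
    by_dept = defaultdict(list)
    for user, dept, count in activity:
        by_dept[dept].append((user, count))

    flagged = []
    for dept, rows in by_dept.items():
        if len(rows) < min_peers:      # too few peers for a usable baseline
            continue
        counts = [c for _, c in rows]
        med = median(counts)
        mad = median(abs(c - med) for c in counts)
        mad = max(mad, 1.0)            # floor: identical peers would give MAD 0
        for user, count in rows:
            score = 0.6745 * abs(count - med) / mad
            if score > threshold:
                flagged.append((user, dept, round(score, 1)))
    return flagged

if __name__ == "__main__":
    for user, dept, score in peer_outliers(ACTIVITY):
        print(f"review {user} ({dept}): peer deviation score {score}")
```

The same 240 downloads that stand out in finance would pass unnoticed in engineering, which is why the baseline is computed per peer group rather than across the whole company.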
The employees themselves tend to be the biggest security hole. A UBA can be a great tool for training employees in better security practices. A UBA will easily identify an employee who is not following company policy, enabling the company to retrain that employee.
3. Data loss prevention
Encryption and tokenization are key to data loss prevention. They protect data down to the field and subfield level, which can benefit an enterprise in a number of ways:
- Cyber-attackers are unable to monetize data in the event they successfully breach the system.
- Data is able to be securely moved across the enterprise, enabling business processes and analytics to be performed on the data in its protected form. This reduces exposure and risk.
- Compliance becomes easier. Things like PCI compliance and PHI compliance are less of a headache.
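Field-level tokenization and analytics on the protected form, shown as an added example that is not part of the original article. The in-memory `TokenVault` class, the record layout and the card numbers (standard test numbers) are assumptions for this sketch; a real vault would be a separately secured service.

```python
import secrets
from collections import defaultdict

class TokenVault:
    """Hypothetical in-memory vault mapping card numbers to random tokens."""

    def __init__(self):
        self._to_token = {}
        self._to_value = {}

    def tokenize(self, pan):
        if pan in self._to_token:          # stable token keeps joins working
            return self._to_token[pan]
        while True:
            # Random digits replace all but the last four (the subfield kept).
            body = "".join(secrets.choice("0123456789")
                           for _ in range(len(pan) - 4))
            token = body + pan[-4:]
            if token != pan and token not in self._to_value:
                break
        self._to_token[pan] = token
        self._to_value[token] = pan
        return token

    def detokenize(self, token):
        # Only callers with vault access can recover the original value.
        return self._to_value[token]

def protect(records, vault):
    """Tokenize only the 'card' field; every other field is left untouched."""
    return [{**r, "card": vault.tokenize(r["card"])} for r in records]

def spend_per_card(records):
    """Analytics that works the same on tokenized and clear records."""
    totals = defaultdict(int)
    for r in records:
        totals[r["card"]] += r["amount_cents"]
    return dict(totals)

# Constructed sample records using well-known test card numbers
ORDERS = [
    {"order": 1, "card": "4111111111111111", "amount_cents": 2500},
    {"order": 2, "card": "5500000000000004", "amount_cents": 1200},
    {"order": 3, "card": "4111111111111111", "amount_cents": 4000},
]
```

A copy of the protected records taken without the vault yields per-card totals and last-four digits, but no usable card numbers.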
4. Deep learning
Artificial intelligence and machine learning are grouped here under the label deep learning, which encompasses both of these major technologies.
Like user behavior analytics, deep learning focuses on anomalous, suspicious behavior.
Instead of just looking at users, the system looks at entities. For example, a data center, as an entity, can behave a certain way, similar to a user.
It is expected that investments will continue in deep learning for security purposes.
5. The cloud
The cloud is already changing security technology.
As more organizations use the cloud for what has historically been the domain of on-premises IT, more approaches to security that are born in and for the cloud will appear. On-premises technologies will be moved to the cloud. This includes things like virtualized hardware, virtualized firewalls, and virtualized intrusion detection and protection systems.
These five technologies will help the security warriors get the upper hand. Which technologies would you suggest will move the needle on information security?