Predictions that the IT security industry is set to expand tenfold over the next 10 years* will of course come as welcome news to those who operate within the industry, but the imperative for more investment now has never been greater, if corporations are to counteract the present threats that are very real and ongoing.
It could be argued that it is almost impossible to accurately predict the changes that may occur in the IT industry even one to two years ahead, let alone ten years in the future. In the ever changing world of IT, ten years is an incredibly long time. Consider the last ten years and the technological advancements that have been made within the changing security landscape, and it is clear that the rate of invention, adoption and commoditization of IT technology has always been much more rapid than that of conventional technologies and markets. In terms of ‘internet years’, ten years is more like 40-50 years in a conventional industry sector for the same levels of advancement.
The IT security sector is required to grow in order to protect against new threats that will inevitably occur and at the same time fulfill the predicted demand for a new wave of anti-eavesdropping technologies. IT Security, be it protecting digital assets from theft or vandalism, or protecting against unwanted surveillance - whether from the NSA or competitors - is going to become inexorably more acute over time. We are all aware that we are being watched and listened to with increased surveillance but the majority of data theft is perpetrated via malware; this is a vast and targeted threat that must be addressed.
To this end, it may actually be better to ensure that IT security is up to speed now, rather than looking too far into the future and for any possibility of a cure all?
The problem is that currently, whether due to ignorance or denial of the facts, the vast majority of organizations have failed to adapt security processes and procedures to reflect the changing and constant evolving threats. Taking action now then continuing to work to beat and counteract these threats is actually what is needed.
This complacency must be addressed and organizations need to start embracing a higher level of compliance with best practice in security processes and procedures. The fact is that every corporation is at risk at all times and defenses and detection mechanisms, such as real-time file integrity monitoring must be implemented on the assumption that traditional firewall and AV measures are fallible. After all, internal threats continue to be present and are likely to continue to be in the future.
To ensure your IT is safeguarded we must focus on the here and now.