According to the leading analyst firm Gartner Group over 50% of major new business processes and systems will incorporate some element of the Internet of Things (IoT) by the year 2020. The potential for IoT to revolutionize existing business models is very exciting. Industrial manufacturers are clearly in a hurry to capitalize on this virtual world of opportunities where new revenue streams flow from managing and servicing customers’ equipment remotely.
But before everyone gets carried away it is important to pause for a moment to consider how with the rush towards digitalization there is also a risk that IoT growth will outstrip cybersecurity considerations.
Organizations are being targeted by cybercriminals more than ever. According to the latest statistics from Symantec, 52.4% of phishing attacks in December 2015 were against small and medium-sized enterprises (SMEs). The month prior demonstrated an even bigger spike. The situation is forcing businesses of all sizes to augment their network and mobile security. Topping the list of improvements include the need for better threat intelligence and endpoint security.
Security information and event management (SIEM) systems provide a valuable tool to gather threat intelligence through activities logged from various applications and devices. The logs are then combined to create threat intelligence reports that can identify signs of unauthorized behavior. Because of their complexity, until recently SIEM systems were considered exclusive to those large enterprises with access to the sizeable budgets and resources required to maintain them.
Over the last few years, gleaning useful information from massive amounts of data has also become more difficult for IT security and approaches to Big Data and information analysis are a critical topic in this sector. The number of users, end devices, applications and log files are constantly on the rise. At the same time, attackers are becoming more sophisticated and professional while constantly adapting their strategies. Companies are now facing a completely new level of risks and challenges to their IT security operations.
Frequently companies have more than enough data on security events, including successful penetrations and potential vulnerabilities. Enormous volumes of data are generated by network components, storage systems or applications. Security threats buried among this data must be taken seriously, however attacks often remain unnoticed or they are not discovered in time due to a lack of structured data. Analyzing and interpreting this data and deploying a rapid response is almost impossible without specialist software.