As 2015 draws to a close, tech experts are looking to the future – and high on the list of talking points are Gartner’s Top 10 Tech Trends for 2016. But what are these innovations all about? How will they impact us and are they as important as they’re cracked up to be?
We’ll be looking at each of these much-trumpeted tech trends in turn to figure out just what kind of impact they’re likely to have over the coming year. In our last post, we analyzed Autonomous Agents and Things; today, we look at the sixth trend on the list: Adaptive Security Architecture.
What is Adaptive Security Architecture?
Keeping your business data and digital assets safe and secure is harder than ever before. These days, a single team might access or transfer information through dozens of networks, devices, business apps, cloud platforms, you name it – multiplying the number of potential weak spots every time.
At the same time as this “threat surface” is growing, hacking methods are getting more and more sophisticated all the time, and whole industries are springing up around data theft and sabotage. Not the kind of scenario that helps IT professional to sleep easy at night, that’s for sure.
Traditionally, IT security has been all about building a bigger and bigger fortress around your data and networks, and limiting access wherever you can to make a breach unlikely. Increasingly, though, this is shown to be a poor match for determined cybercriminal – and what’s more, it can prove to be a limiting factor for businesses looking to innovate and grow.
Adaptive security architecture takes a different view: instead of locking the door and hoping for the best, it focuses on monitoring for threats and attacks and dealing with them head-on.
What Does this Mean in Practice?
The companies that are spearheading Adaptive Security Architecture are moving from an incident response mentality to a continuous response mentality. In other words, they presume that their systems are being compromised all the time and proactively monitor and address issues as they go.
Rather than investing in prevention, they channel energies into detecting and responding to threats – and, crucially to predicting them, too. They keep an eye on what’s happening in the hackersphere and use this information and insights to identify and anticipate where threats will come from in their systems. They retrospectively analyze previous problems and build on their findings.
What Gartner Says:
“Relying on perimeter defense and rule-based security is inadequate, especially as organizations exploit more cloud-based services and open APIs for customers and partners to integrate with their systems. IT leaders must focus on detecting and responding to threats, as well as more traditional blocking and other measures to prevent attacks. Application self-protection, as well as user and entity behavior analytics, will help fulfill the adaptive security architecture”
What We Say:
Successful adopters of adaptive security architecture recognize that no system can ever be 100% secure and that the methods of attack are shifting all the time. They don’t see a particular fix as the end of the chain: rather, they treat security as a continuous feedback loop of intelligence-gathering, learning and improving – of adapting to security threats as they evolve.
What’s more, in order to balance security and growth, IT departments need to understand that heavy-handed control of employees’ behavior is not the answer. They need to work with the business, and to appreciate the need for flexibility and mobile working. They need to accept risk, and accept that resisting attacks will be an ongoing battle, rather than working on the assumption that with enough of a police state mentality they can eliminate threats altogether. That’s what adaptive security architecture is all about.
This is the sixth in a 10-part series on top trends for 2016. In our next post, we’ll be talking about another hot new trend, Advanced System Architecture. See you there!