New Frontiers: 10 Hot Security Opportunities For Solution Providers
Serious About Security
The latest threats were front and center at the Black Hat 2017 conference in Las Vegas last month. However, solution providers said they already have their eyes focused on new opportunities and ways to protect their customers against the new threats and the older ones that still persist. CRN spoke with solution providers and vendor executives at the event who said they see particular opportunities to have conversations with customers around ransomware, cloud security, the Internet of Things and more. They said they also see emerging technology areas such as DevOps and automation and orchestration as new frontiers for security investments going forward. Take a look at 10 of the biggest opportunities they see today.
Ransomware
On the heels of two major ransomware campaigns so far this year, ransomware was top of mind at Black Hat this year. While it's not the most sophisticated threat out there, Accenture Managing Director of Accenture Security Kelly Bissell said ransomware is increasingly being disucssed with customers. What he said is changing is that boards of directors are waking up to the risk posed by ransomware and looking to get more proactive, especially around disaster recovery. Accenture is responding to the ransomware trend by launching a dedicated Playbook, which brings together action items to protect a company against ransomware, and then what steps to take – including technology, disaster recovery, legal, crisis management, and more – in the event of a successful attack, Bissell said.
Cloud Security Basics
In the past few weeks, multiple data leak exposures have exposed the weaknesses some companies have in their security when migrating to the cloud. Armor Chief Security Officer Jeff Schilling said he sees an increasing opportunity for solution providers and MSSPs around the cloud, adding it is a way to "get back the advantage from the hackers" if implemented correctly. There also is an opportunity for solution providers around "fundamental" security controls, as well as more advanced capabilities around orchestration, analytics, machine learning and operations.
OT Security
Accenture's Bissell said Black Hat showed the opportunity involved in bridging the gap between IT and OT security around IoT is significant for partners. The conference highlighted some of the latest threats against IoT devices, including attacks on smart locks, critical infrastructure, cars, smart buildings, industrial robots, radiation monitoring devices and more. Bissell said he sees significant opportunity for companies like Accenture to help CISOs extend security to OT environments, areas that don't normally fall under their purview. That includes both technology and coordinating across different organizational departments, he said.
Next-Level Managed Security Services
Customers are looking for more from their managed security service providers, Optiv Security Practice Leadership for Enterprise Incident Management Jeff Wichman said. Instead of just log management, he said customers are looking for MSSPs to help them be more proactive around security, including strategy, technology, customized threat intelligence and incident response. That presents an opportunity for them to offer a new, more margin-rich set of managed security services to customers, he said.
Automation And Orchestration
The security skills shortage continues to grow, and there's an opportunity for solution providers to step up and help customers secure their environments. One way they can do that is to take advantage of technologies like machine learning, artificial intelligence, automation and orchestration, Fortinet Global Security Strategist for FortiGuard Labs Derek Manky said.
"To me, we are in a race and this is vitally important because it enables the good guys with AI and automation to block hackers," Manky said. "We have to fight back with AI and automation."
Business Email Compromise
Optiv Security's Wichman said the solution provider is seeing more instances of business email compromise. Business email compromise moves beyond phishing by gaining access to a legitimate email and sending emails to a second wave of users. From there, hackers will get users to open attachments or directly ask for money, with emails coming directly from the CEO or another trusted source. Wichman said the growth in the number of these types of attacks has been "aggressive."
DevOps Security
Solution providers all agreed that they are seeing an increasing opportunity around bringing security to DevOps. While the opportunity is in its early days, they said they see a place to help customers figure out their security strategy around DevOps, as well as bring together the disparate teams involved in those decisions. Signal Sciences founder and CEO Andrew Peterson said more customers are looking to adopt cloud and DevOps processes. With that shift, he said customers are looking for help in adapting their security models.
"There is a flux, but the good thing is that it's providing this opportunity where customers are investing in security resources to match where their new risk profiles are," Peterson said. The shift also will likely create stickier customers for partners, as they extend their reach across cloud, application, and security teams, he said.
Security Incident Planning
Curtis Fechner, senior incident management and incident response consultant at Optiv Security, said he also is seeing a growing opportunity for "tabletop planning" with customers. Customers are looking for partners to talk through the process of different types of incidents like a fire drill, he said. Fechner said the exercise helps customers find ways they can collaborate and communicate better if an attack does happen, and pinpoint problem areas in their incident response plans. That includes regulatory requirements, he said.
Insider Threat Prevention
Insider threats continue to be a challenge for security. Optiv Security's Wichman said most of these insider threats aren't malicious, meaning users are unintentionally exposing data or are tricked into aiding an attack. He said there's an opportunity for solution providers to patch these "social vulnerabilities" with technology and end-user education initiatives.
General Data Protection Regulation
With less than a year until the General Data Protection Regulation takes effect, solution providers said they have their eye on the opportunity to get customers up to speed. GDPR officially takes effect on May 25, 2018, bringing new requirements and regulations around data privacy, collection, management, and more for companies collecting and processing data on European Union citizens. The ultimate goal is to create better data privacy and protections. Solution providers said they had their eye on data protection technologies at Black Hat this year to help get their customers up to date with some of the regulation requirements as the deadline swiftly approaches.