Forrester: 6 Ways to Prepare for Cyber Security Threats in 2017

December 12th, 2016   /     /   smarter identity

Experts agree that importance of cyber security has shifted from being an issue just for IT to a risk requiring attention from CEOs and their boards. But despite the best efforts of many organizations, it’s not always easy to tell how secure sensitive company data is.

Modern enterprises have more sensitive data to protect than ever, but are facing new challenges. The organizational perimeter has disappeared, employees often use external app services to get work done, and it’s now commonplace for workers to share sensitive data with external users and contractors.

We had the opportunity to speak with, Andras Cser, VP and Principal Analyst at Forrester, to get his thoughts on the most important cybersecurity trends to consider as the new year approaches.

Recognize the impact of cybersecurity attacks

It feels like every day we hear about a major corporate or government organization having sensitive information compromised. Obviously these incidents are devastating blows to an organization’s reputation, but these compromises also come with quantifiable fiscal impacts. Forrester estimates that cyber attacks typically cost organizations $3.5 - 4 million, with each record lost costing anywhere between $50 and $300.

Shift Identity Management to the forefront of threat detection

Gone are the days of providing every employee with a laptop and VPN. According to Forrester, identity is the new perimeter keeping sensitive company data secure. By “identity,” we mean a specific set of attributes that, when paired with the right context, and policy evaluation engine, allows the user to connect and access only the company data and apps that they are supposed to have access to.

Know where you stand with your cloud apps and platforms

It’s becoming more and more apparent that cloud is here to stay. According to Cser, it’s not a question of if your company will migrate to the cloud - only how and when. Organizations that have already made the shift need to take inventory of what data is being stored where. How sensitive is that data? And how will your organization detect anomalies in data access by users, devices, and apps?

Assess scale

According to Forrester, today’s IT environments are 10X - 100X larger than they were just 5 years ago. Organizations are utilizing several times more machines, and thousands of on-prem and cloud apps. Managing who has access to what is critical in these large environments- especially when organizations are depending upon many different types of machines like mobile, BYOD, and IOT (“Internet of Things”)-integrated devices.

Secure IOT

Speaking of IoT, according to Cser, it’s highly likely that compromised IoT devices were used to conduct the DDoS attack on the Dyn DNS servers last month. Despite their vulnerability to DDoS attacks, Forrester expects a huge surge in IoT device adoption in the coming years. This makes the need for identity management all the more prevalent, says Cser.

Proactivity is key

Identity and Access Management is about more than what tools your organization implements. Cser states that IAM is 70% people, process, communication, and politics. It’s critical to instill good user access behavior and for employees to maintain relationships with compliance and governance specialists. Without these critical elements, even the most robust identity infrastructure is vulnerable.

Go deeper

There are 5 more key trends from Forrester to consider when developing your cybersecurity strategy. Click here to view the live webinar that Andras Cser and OneLogin Sr. Director of Product Marketing Al Sargent just completed. Our speakers discuss key predictions for 2017, and outline how you can automate secure access to your applications, laptops, and mobile devices in a rapidly evolving landscape.

Webinar: How to Prepare for Intensifying Cyber Security Risks in 2017

Watch Now
About the Author

Jack Shepherd is a Content Marketing Specialist at OneLogin, and is responsible for the production and management of original marketing content. Jack specializes in producing content around the latest trends in cyber security and cloud technology, as well as the developing areas of Identity and Access Management (IAM), software as a service (SaaS) and the internet of things (IoT).

View all posts by Jack Shepherd