As yet another year draws to a close it’s natural for the industry to glance back over the past 12 months, and then wonder what the future holds. For security professionals, 2009 has been a year of manipulating constricted budgets to secure the enterprise against an ever-expanding network of threats.
Virtualization and Cloud Computing have well and truly exploded, bringing with them a fresh breed of nasties for businesses to fend off. Compliance initiatives have continued to dominate our radars, especially in the credit card and online banking spaces where the challenge of securing customer’s electronic data has become a major focus in the boardroom.
In an effort to be one step ahead of whatever is on the horizon, it’s time to start asking what’s in store for 2010? Well, here are three predictions based on my discussions with customers out in security land.
The slow rise of automated fraud detection
As financial institutions face ever more devious threats, automated fraud detection has been positioned as the next big thing. While it makes sense to automate information gathering and event responses where possible, the technology is still too complex to provide effective payback.
Part of the challenge is a lack of integration between security technology and processes. Fraud is typified by a complicated set of activities that cross many different elements of the organisation. The effectiveness of automated fraud detection programs is still a few years away because security programs lack the necessary maturity and information flow between technologies and operational silos.
Where I see more immediate value is in the ability to monitor abnormal activity from privileged users, which could signify a potential breach.