In 2014, we predicted that 2015 would be “The Year of the Breach” and it didn’t disappoint. Companies faced attacks from every possible angle: real world terrorist organizations, nation states, hacktivists, organized crime, insiders and in some cases, their very own governments. We asked Fidelis Cybersecurity leaders to reflect and share what they thought was the most significant tipping points in 2015.
The biggest headaches enterprises faced involved securing their company data and infrastructure. The sheer volume of data being collected grew and overwhelmed network security teams, particularly those charged with combing through sessions of full packet captures. Traditional network perimeter continued to erode as organizations moved to the “cloud.” Endpoint solutions experienced its banner year as companies raced to put something other than anti-virus on servers, workstations, laptops and tablets. The battle for the endpoint will continue to heat up through 2016 as more and more companies realize that taking a preventative approach to breaches is fraught with risk.
- Justin Harvey, Chief Security Officer
Our customer’s evolving approach to cybersecurity and business decisions resonated in 2015. Enterprises wanted best-in-class security solutions while trying to find the balance between best-in-class tools and reducing the number of vendors. It posed a real big challenge for the best-in-class tools often came from innovative and disruptive companies, and not from the established “preventive-focused” vendors. It meant adding more vendors and more complexity while trying to shrink the number of tools in the stack. Another significant inflection point was the shift from prevention to early detection and response solutions. Security budgets rose with increased funds dedicated to detection and response. We’ll see this trend continue in 2016 at a much faster rate.
- Peter George, President and CEO
In working with our customers, we saw ongoing challenges around their security strategy. Organizations tended to focus on the perimeter. All it took was for one server to be compromised. After that, it was easy for hackers to escalate the attack once they’re inside the company. Most companies have not invested in lateral movement visibility. Some C-level executives and board members have started to act on this knowledge yet it still remains a dollars-and-cents issue. They want to do their due diligence but do not want to spend money on something that may not happen. We saw leading companies invest in expanding their network and endpoint defenses. They quantified the risks and understood that the true toil of a breach amounts to more than the cost of providing credit monitoring to their customer - it’s the potential long-term damage to a company’s reputation.
- Mike Buratowski, Vice President of Cybersecurity Services
This year, nation states -- specifically China and Russia -- intensified their attacks for geopolitical, business intelligence and monetary gain. The scale of attacks against U.S. Office of Personnel Management (OPM) and Anthem Healthcare caused irreparable damage and strained international relations. In contrast, we saw embarrassing breaches that have landed quite a few people in hot water, exposed by the Ashley Madison breach. We expect to see more embarrassing and damaging attacks in 2016 as attackers shift to leaking stolen data for greater disruption and damage than to selling information to the highest bidder. - Justin Harvey, Chief Security Officer
The stature of the CSO rose as companies battled against a world of constant attacks. The early CSO brought deep security domain knowledge focused in the technical trenches. We saw a new CSO evolve with broader crisis and management expertise while interfacing with c-level executives and boards. Greater responsibilities and accountability fell on the CSO in driving the overall threat defense and response strategy, execution and communications surrounding a breach.
- Peter George, President and CEO
The boardroom focus on cybersecurity increased dramatically in 2015 and emerged as a major topic of discussion. Not surprisingly, boards strengthened their ranks with knowledgeable cyber experts as key advisors to ensure cybersecurity remains top of mind. Board members began to expand their cybersecurity expertise yet key gaps continue to exist between boards and security operations teams. Moving forward this integration needs to be constant in order to address and remediate breaches.
- Jim Jaeger, Chief Cyber Services Strategist