10 Hot Security Technologies Enterprises Need Now - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IT Leadership // Security & Risk Strategy
07:06 AM
Dawn Kawamoto
Dawn Kawamoto

10 Hot Security Technologies Enterprises Need Now

With security threats increasingly becoming more advanced, research firm Gartner outlines the top 10 technologies that should be deployed to take advantage of digital business opportunities while managing risk.
1 of 11

(Image: TBIT via Pixabay)

(Image: TBIT via Pixabay)

Over the past 35 years, security technology offerings have come in five major "waves" of development -- each aiming to protect against the ever-changing methods of hackers and cyberthieves. The waves include:

  • firewall and anti-virus
  • intrusion prevention security technology
  • web app firewalls
  • end-point detection and response
  • machine learning security

But, unfortunately, the sophistication of threats continues to advance with growing frequency, duration, and impact.

In response, Gartner recently released a report, "Top 10 Technologies for Information Security in 2016," designed to help enterprises to take advantage of digital business opportunities while simultaneously managing risks.

These technologies build on previous security efforts enterprises have undertaken. Back in the 1980s, and through the 1990s, firewalls and antivirus technologies were by far the most pervasive form of security technologies companies deployed, Lawrence Pingree, a Gartner research director, told InformationWeek.

The firewall technologies emerged as attackers sought to gain access to unauthorized ports, while antivirus software sought to protect users as internet use became more widespread.

"It's been a game of tit for tat that has caused security software to evolve over time," Pingree said. Security vendors improve their products, and the hackers and cyber-criminals seek ways around the protections.

Intrusion prevention security was later developed as attackers sought ways to gain access to authorized ports, Pingree said. Dorothy Denning published an intrusion detection system model in 1986 according to IEEE. Enterprises needed a way to determine who had legitimate access to the ports from those who did not.

A third wave in security technology emerged with web application firewalls, as the use of web-based applications gained in popularity. Commercial products started appearing in 1999.

[See 10 Stupid Moves That Threaten Your Company's Security.]

Endpoint detection and response (EDR) security software emerged in 2013 as the fourth wave of security software, born out of a need to combat malware. Cyberthieves shifted malicious payload delivery tactics from using files with static signatures to one where the signatures would constantly change before they could be identified and blocked, Pingree explained.

Additionally, sandboxing is another recent security technique deployed, in which a similar system is created and the potentially malicious file is evaluated for its behavior, not its signature. Once the file's behavior is deemed good, by which is meant it doesn't try to create a buffer overflow or insert itself into a registry, it will later be assigned a signature and allowed to go into the intended system.

Machine learning security software is currently in its early stages, and is included in the fifth wave, Pingree said, adding that the software looks for similar or group files and events. For example, it is difficult to monitor thousands of separate security alerts that may occur within an hour and draw some conclusions of what is happening to an enterprise's system.

But machine learning can take this data and "connect the dots" to make sense of what security threat is happening and develop a priority list of what to tackle first, explained Pingree.

With this evolution of security software in mind, here are the top 10 information security technologies Gartner says businesses should adopt this year. Is your organization currently using any of these? Tell us about your experiences with locking down your systems in the comments section below.

Dawn Kawamoto is an Associate Editor for Dark Reading, where she covers cybersecurity news and trends. She is an award-winning journalist who has written and edited technology, management, leadership, career, finance, and innovation stories for such publications as CNET's ... View Full Bio

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
1 of 11
Comment  | 
Print  | 
More Insights
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

Remote Work Tops SF, NYC for Most High-Paying Job Openings
Jessica Davis, Senior Editor, Enterprise Apps,  7/20/2021
Blockchain Gets Real Across Industries
Lisa Morgan, Freelance Writer,  7/22/2021
Seeking a Competitive Edge vs. Chasing Savings in the Cloud
Joao-Pierre S. Ruth, Senior Writer,  7/19/2021
White Papers
Register for InformationWeek Newsletters
Current Issue
Monitoring Critical Cloud Workloads Report
In this report, our experts will discuss how to advance your ability to monitor critical workloads as they move about the various cloud platforms in your company.
Flash Poll