NTT reveals cybersecurity trends that will shape business technology in 2020

The Future Disrupted: 2020 Technology Trends, which include key insights from the company’s Security division, reveal that Security Orchestration, Automation, and Response (SOAR) will rocket as attacks happening at machine speed demand an AI-based approach to security.

Around 75% of the threats detected in NTT Ltd.’s Security Operation Centres (SOCs) are now orchestrated by supervised machine learning and threat intelligence. Its security experts use algorithms to recognise patterns, identify anomalies and automatically orchestrate security controls. Embedding this level of intelligence into infrastructure and applications will therefore become a top priority for businesses.

“Cyber attacks are happening at machine speed, not human speed”, comments Azeem Aleem, VP Consulting Security, NTT Ltd. “To keep up, organisations will need the help of machines – and data scientists – and this is why we believe Security Orchestration, Automation, and Response will be the hottest area in cybersecurity in the year to come. It enables organisations to predict when an attack is going to happen – and fast. In fact, we don't even talk about proactive security to our clients anymore. We talk about predictive security, which we believe will become essential for delivering an active cyber defence in 2020.”

NTT Ltd. also reveals that applications are becoming the new attack vector, with application-specific and web-application attacks now accounting for a third (32%) of hostile traffic – making them the single most common form of hostile activity, according to NTT Ltd.’s 2019 Global Threat Intelligence Report (GTIR).

Azeem Aleem adds: “Now that infrastructure is more cloud-based and software-defined, we are entering a world where the application is the easiest way to compromise data. If our latest GTIR is anything to go by, the number of attacks on applications is only going to increase. At a minimum, organisations need to regularly evaluate the security hygiene of applications across their entire business and apply the necessary patches – an exercise that can no longer be neglected. Infrastructure will still be a target, however, so organisations also need to test and manage security from the data centre right through to the edge.”

Some of the other cybersecurity trends include:

• Security goes to the cloud: While organisations still buy on-premises equipment, largely for compliance reasons, more applications and workloads are being created and hosted in cloud environments. However, if organisations are using multiple hosting centres or hyperscalers, it’s more difficult to apply standardised, software-based security controls across the entire infrastructure. Applying security to the application or workload will enable them to monitor and implement the appropriate controls.

• Hyperscaler patterns continue to be elusive: Fixed infrastructure tends to have standard traffic patterns that make it relatively easy to identify anomalies. This is not the case with hyperscalers, which also make hundreds of thousands of high-speed updates to their platform on any given day. This will make it very difficult for organisations to monitor the interactions between humans, machines, data and applications in order to identify patterns and anomalies. Information, context and intelligence therefore need to be applied for a modern and robust security posture.

• Data lakes and data wallets:Data lakes will enable new models of predictive analytics. What’s more, we will see data wallets that put data in the hands of the person who owns it and making it completely secure for them. Nobody can access that data without certain permissions being in place and, if the user is under threat, can be locked down.