Analyst firm IDC held its annual RSA Security Breakfast event this week and revealed a number of changes in how the market is looking at security in 2018. IDC’s Program Vice President of Security Products C. Sean Pike led a discussion of key survey findings, including:
- Companies are shifting focus from 99.999-percent (“five nines”) uptime to cyber resilience, which focuses on which resource is right to ensure the safety of consumers and users.
- The cost of this digital transformation in 2018 is $1.3 billion and is expected to increase to $2.1 trillion in 2021. Of those amounts, the percentage allocated to cyber security is too small to deliver protection.
- A robust cyber security platform solves the problem of weak resilience, or the situation where an individual system failure creates a colossal organization-wide failure.
IDC’s research surveys on this topic indicate:
- 50 percent of security professionals say they now spend most of time on cloud platforms, which are the least secure.
- 23 percent have had a ransomware attack, and 79 percent of these ransomware attacks have happened in the cloud.
- 22 percent have had an internet of things (IoT) breach, and 74 percent of those happened in the cloud.
- 23 percent had a distributed denial of service (DDoS) attack, and 68 percent of those happened in the cloud.
- The biggest growth area is DevSecOps, which enables developers to create rapid services that are properly protected by security; currently only 5 percent of CIOs are spending on this technology.
Based on the many recent changes in the security sector, IDC has reorganized its security programs into these practice areas:
- Identity and Access Management (IAM) & Digital Trust
- Analytics & Intelligence, Response & Orchestration (AIRO)
- Data Security
- Application Security & DevSecOps
Christina Richmond, IDC’s program vice president of worldwide security services, noted that a digital transformation that builds in an appropriate level of security requires cultural change. “In the security services sector, not everything is a nail. [You] can’t solve everything with a hammer, however. You need to get application developers to bake security into their process. This requires common technologies, common processes, and a common language. And this needs to be supported from the very top of the organization.”
For more detail on the research and concepts IDC presented at the RSA Security Breakfast, view the complimentary presentation slide deck. In addition, BOCA Communications would be happy to share what it’s doing for our current security clients like TrustArc and our heritage in the security sector