For many, the transition into the new year is about looking back and taking stock of what happened throughout the year, what lessons we have learned and what new technological innovations broke onto the scene and changed the way enterprises conduct business on a daily basis. While there is plenty to unpack when glancing over your shoulder at 2017, it is hard to ignore the paradigm shift that continues to take place as large-scale security breaches (most notably Equifax) brought heightened levels of scrutiny toward companies and their effort – or lack thereof – to protect the customer personal information with which they are entrusted.
As a result, 2018 is primed to be the year of security, with higher levels of investment and innovation than ever before, particularly as networks become more globally distributed and peer-to-peer becomes standard operating procedure. Below are a few developments we expect to see take hold during the year, along with our thoughts on why each will play an integral role in addressing the ever-evolving edge security landscape.
Use of cloud-based WAFs will become commonplace, particularly those offered by cloud providers that leverage AI and Machine Learning.
Traditional web application firewall (WAF) appliances, installed within a customer’s data center, have become a standard requirement for many enterprises to combat malicious traffic at the network layers (3,4). Cloud-based WAF offerings provide additional scalability, cost-effectiveness due to a lack of hardware spend, and the flexibility of real-time updates to threat intelligence and reputation feeds from global network analysis and third-party SIEMs such as Splunk, SignalFx, and DataDog. Today, the proliferation of application layer attacks, such as volumetric DDoS and content scraping, has made the deployment of cloud-based firewalls an equally important strategic imperative.
As the frequency and breadth of application layer data breaches continue to increase throughout 2018, the use of cloud-based WAFs is likely to surge in lockstep. Investments from cloud providers to expand the functionality of their respective WAF offerings will drive a shift away from deploying third-party VMs toward adopting proprietary alternatives, which will still be able to leverage well-recognized rule sets from pure-play security vendors such as Alert Logic, Fortinet, and F5. The use of machine learning (ML) and artificial intelligence (AI) to bolster WAF rulesets and reputation feeds will increase, ensuring applications are up-to-date with the most recent patches to better defend against previously unknown threats.
M&A will continue; however, VC investment will result in a swath of new security startups, offsetting market consolidation
Market consolidation, both from existing security vendors and from private equity firms looking to capitalize on rising demand for unified security platforms, will continue, if not accelerate, during 2018. Security investment will take place across the entire edge ecosystem, with acquisitions being made by CDNs, WAF vendors, threat intelligence and monitoring shops, etc.
- CDN providers that also offer cloud-based WAFs, such as Akamai and Cloudflare, will be particularly interested in improving their threat intelligence and traffic monitoring capabilities in an effort to take advantage of their network scale and improve proprietary rulesets.
- The market hype around RASP vendors offering an innovative alternative, or complement, to legacy WAF solutions by protecting applications from the inside-out will likely spark interest from WAF vendors hedging against a significant pickup in demand from existing clients.
- Vendors that offer threat intelligence and monitoring solutions will look to expand their ability to block incoming threats after detection rather than sending intel feeds to third-party tools.
That being said, while consolidation will continue throughout the year, the market will be flush with new entrants as VCs invest in new startups looking to apply next-generation technologies including IoT, AI and blockchain to thwart emerging security threats. According to recent data taken from CB Insights, cybersecurity startups raised $7.6 billion in VC investments throughout 2017, two times the $3.8 billion in spending recorded during 2016. Furthermore, investments in security will continue to shift from the core infrastructure to the edge, with a primary focus on IoT, containers and peer-to-peer traffic.
As hype continues to rise, enterprises will begin seriously considering blockchain as a solution to prevailing security concerns
Market interest in blockchain and its potential use cases outside of cryptocurrencies continues to rise, though few applications of the burgeoning technology have truly begun to take hold. While it is still unlikely that blockchain adoption accelerates in any meaningful way during 2018, a swath of new market entrants will look to apply the distributed ledger technology to help solve existing vulnerabilities in edge security.
As it stands, numerous companies have begun searching for areas in which blockchain can be used to address an unanswered security concern or vastly improve mitigation strategies. For example, Maryland-based startup Gladius enables end users to “rent out” their unused bandwidth as a means to distribute malicious traffic in the event of a large-scale DDoS attack rather than routing traffic through a centralized scrubbing center. Palo Alto-based Xage emerged from stealth at the tail end of 2017, unveiling the beginnings of a security fabric for IoT, which takes blockchain and synthesizes it with other capabilities to create a secure environment for devices to operate. This trend of identifying innovative applications for blockchain technology within the security sector should only increase in the coming year.
Increasing security threats will contribute to multi-cloud adoption growth
As the threat landscape continues to evolve, with new attack vectors being discovered and the size of attacks ever-increasing, businesses need to consider the cost to their business if their services or operations are knocked offline for any amount of time. According to Gartner analyst Andrew Lerner, the average cost of IT downtime is $5,600 per minute, or roughly $330,000 per hour. Distributed Denial of Service (DDoS) attacks as well as other threats make downtime inevitable for most organizations.
The leading cloud platforms have seen significant adoption from companies that have recognized it’s not feasible to defend against all types of attacks with their legacy on-premises infrastructure and in-house skill sets. However, 2017 saw several major cloud service outages that resulted in significant downtime for customers. As a result, many companies have turned to, and will continue to adopt, a multi-cloud strategy to achieve redundancy across all levels of their infrastructure. This configuration allows these companies to fail over to an entirely separate infrastructure stack in the event their applications experience downtime from an outage of their primary cloud platform.
As the role edge technologies play in the cloud evolves, so too does the potential surface area for attack. Whether it is bringing the well-established firewall technology from the network layer to the cloud edge, finding innovative applications for emerging technologies including blockchain and AI, or increasing resiliency via cloud failover, the importance and the level of investment enterprises earmark for security will continue to rise in 2018. Keep an eye out for additional blog posts throughout the year in which we will delve deeper into each of these predictions and unpack the rapidly growing and ever-changing security landscape.