In the coming years, IT security companies will face extreme challenges. Hackers are targeting people αντί για συστήματα. Οι πιο δαπανηρές επιθέσεις στον κυβερνοχώρο (APTs, ransomware) συμβαίνουν από λάθη των εργαζομένων ή από κατάχρηση προνομίων που διαθέτουν τρίτοι πάροχοι, καθώς μια επίθεση social engineering is much easier than finding a zero-day.
Traditional IT security perimeter defense tools, such as password authentication access they are necessary but insufficient to detect abuse of privileged accounts or hijacked credentials.
As soon as the attackers find themselves inside the network, they use legitimate user accounts to access sensitive data. Only then their behavior is the missing link in the detection and prevention of intervention. And this can be done in real time during the attack.
Behavioral security models know how a worker's mouse moves, or how it is typing. He usually navigates and the type of work he does.
Focusing on the security of privileged users, who have unrestricted access to sensitive data, does not seem to be as helpful as new attacks. The market needs solutions that are capable of tracking all the important parts of the system, exporting as much information as possible from user connections / sessions, learning behaviors.
Due to the amount of data to be produced, artificial intelligence will play an important role in the years to come, turning the data into valuable security information.
The algorithms that learn from Big Data alone in IT security companies will be able to automate data processing and allow security professionals to focus on real high priority risks.
Such behavioral Analytics solutions are relatively new to the market, but their integration into existing IT environments for data processing will be vital in the near future.