Archive for

Oct 25

The Current State Of Cybersecurity Shows Now Is The Time For Zero Trust

41% of total breaches in 2017 targeted the healthcare industry, making it the most popular target for breach attempts.
Personally Identifiable Information (PII) combined with user credentials tops the percentage of breaches with 29% according to Wipro’s report.
88 records were lost or stolen every second in 2017 according to Wipro’s analysis.
Machine learning & AI are the second highest ranking security competencies for the future.

These and many other fascinating findings are from Wipro’s State of Cybersecurity Report 2018. A copy of the report can be downloaded here (PDF, 96 pp., no opt-in). The study is based on four primary sources of data including primary research of Wipro customers, Cyber Defense Center (CDC) primary research, secondary research sources and Wipro partner content. 42% of respondents are from North America, 10% from Europe, 18% from the Middle East, 21% from Asia and 8% from Australia. For additional details on the methodology, please see pages 3 through 5 of the report.

Banking & Financial Services and Healthcare Breaches Most Common

Over 40% of all breaches Wipro was able to track using their CDCs are targeted at healthcare, followed by banking & financial services with 18%. This is consistent with Verizon’s 2018 Data Breach Investigations Report which shows healthcare leading all industries with five times the number of breaches experienced than any other industry. Banking & financial services receive more server-based breach incidents than any other industry according to Verizon’s latest study. Accenture’s study, “Losing the Cyber Culture War in Healthcare: Accenture 2018 Healthcare Workforce Survey on Cybersecurity” found that 18% of healthcare employees are willing to sell confidential data to unauthorized parties for as little as $500 to $1,000.

Wipro’s State of Cybersecurity Report 2018 underscores how all industries are facing a security crisis today. The study shows how all industries need a more scalable approach to security that protects every attack surface by validating every access request on every device, for every resource. Zero Trust Security (ZTS) continues to be proven effective in thwarting breach attempts across all industries by relying on its four core pillars of verifying the identity of every user, validating every device, limiting access and privilege, as well as relying on machine learning to analyze user behavior and gain greater insights from analytics. Leaders in this field include Centrify for Privileged Access Management, Idaptive, (a new company soon to be spun out from Centrify) for Next-Gen Access, as well as Cisco, F5 and Palo Alto Networks in networking.

ZTS starts by maturing an organization’s identity management practices ― be it to secure end-user access credentials through Next-Gen Access (NGA) or to secure privileged user credentials via Zero Trust Privilege (ZTP). NGA empowers organizations to validate every end user access attempt by capturing and then analyzing a wide breadth of data, including user identity, device, device operating system, location, time, resource request, and many other factors to derive risk scores. NGA determines in less than a second if verified end users will get immediate access to resources requested, or be asked to verify their identity further through Multi-Factor Authentication (MFA). Zero Trust Privilege is focused on privileged users that typically hold the “keys to the kingdom” and therefore are a common target for cyber adversaries. ZTP grants least privilege access based on verifying who is requesting access, the context of the request, and the risk of the access environment. By implementing least privilege access, organizations minimize attack surfaces, improving audit and compliance visibility, and reducing risk, complexity, and costs for the modern, hybrid enterprise. Every industry needs Zero Trust Security to secure the proliferating number and variety of attack surfaces and realize that each customer, employee and partner identity is their real security perimeter.

Key takeaways of the Wipro State of Cybersecurity Report 2018 include the following:

Security Architecture & Design and Machine learning & AI are the #1 and #2 ranked security competencies for the future. When senior executive respondents were asked which security competencies would most help security practitioners excel in the cybersecurity domain, they mentioned security architecture & design (31%) and machine learning & AI (19%) as their top choices. Next-Gen Access platforms leverage machine learning algorithms to continuously learn and generate contextual intelligence that is used to streamline access for verified end users while thwarting breach attempts, the most common of which is compromised credentials. Please click on the graphic to expand it for easier reading.

29% of respondents say that Privileged Access Management (PAM) gave them most value, further validating now is the time for Zero Trust Privilege. IT executives are more and more understanding that privileged access credential abuse is the most common cause for cyber-attacks and therefore are starting to place more emphasis on implementing Privileged Access Management. Centrify has recently announced a new focus on Zero Trust Privilege, extending PAM to a broader modern threatscape including DevOps, containers, Big Data and more. Please click on the graphic to expand it for easier reading.

Endpoint attack vectors are proliferating faster than traditional enterprise security approaches can keep up. The scale and scope of endpoint attack vectors continue to change quickly. Wipro found that breach attempts are often multi-dimensional with orchestrated attempts to compromise a combination of attack vectors at once. Wipro’s findings that endpoint attack vectors are fluctuating so quickly further support the need for ZTS enabled by Next-Gen Access as the primary security strategy to thwart breach attempts. Please click on the graphic to expand it for easier reading.

Conclusion

In quantifying the number and scope of breaches healthcare, banking & financial services, retail, education and manufacturing companies experienced in 2017, Wipro’s latest Wipro State of Cybersecurity Report shows how every identity is the new security perimeter of a business. Attack surfaces are proliferating with the growth of business models in each of these industries, accelerated by the Internet of Things (IoT) adoption and smart, connected products and systems. By relying on the four core pillars of verifying the identity of every user, validating every device, limiting access and privilege, as well as relying on machine learning to analyze user behavior and gain greater insights from analytics, Zero Trust Security thwarts breach attempts by protecting every threat surface in real-time.

Oct 14

2018 Roundup Of Cloud Computing Forecasts And Market Estimates

Cloud computing platforms and applications are proliferating across enterprises today, serving as the IT infrastructure driving new digital businesses. The following roundup of cloud computing forecasts and market estimates reflect a maturing global market for cloud services, with proven scale, speed and security to support new business models.

CIOs who are creating compelling business cases that rely on cloud platforms as a growth catalyst is the architects enabling these new business initiatives to succeed. The era of CIO strategist has arrived. Key takeaways include the following:

Amazon Web Services (AWS) accounted for 55% of the company’s operating profit in Q2, 2018, despite contributing only 12% to the company’s net sales. In Q1, 2018 services accounted for 40% of Amazon’s revenue, up from 26% three years earlier. Source: Cloud Business Drives Amazon’s Profits, Statista, July 27, 2018.

80% of enterprises are both running apps on or experimenting with Amazon Web Services (AWS) as their preferred cloud platform. 67% of enterprises are running apps on (45%) and experimenting on (22%) the Microsoft Azure platform. 18% of enterprises are using Google’s Cloud Platform for applications today, with 23% evaluating the platform for future use. RightScale’s 2018 survey was included in the original data set Statista used to create the comparison. Source: Statista, Current and planned usage of public cloud platform services running applications worldwide in 2018. Please click on the graphic to expand for easier viewing.

Enterprise adoption of Microsoft Azure increased significantly from 43% to 58% attaining a 35% CAGR while AWS adoption increased from 59% to 68%. Enterprise respondents with future projects (the combination of experimenting and planning to use) show the most interest in Google (41%). Source: RightScale 2018 State of the Cloud Report. Please click on the graphic to expand for easier viewing.

The enterprise SaaS market is now generating $20B in quarterly revenues for software vendors, a number that is growing by 32% per year. Microsoft is in the lead with a worldwide market share of over 17% and is now the leading SaaS vendor primarily due to its leadership in the high-growth collaboration segment. Source: Quarterly SaaS Spending Reaches $20 billion as Microsoft Extends its Market Leadership, Synergy Research August 21, 2018.
Financial Services has the highest percentage of server images deployed in private or public clouds, approaching nearly 100% versus a median adoption rate of 19%. A recent McKinsey & Company study found Financial Services had progressed the furthest to advanced cloud maturity beyond virtualization and basic cloud compared to insurance and healthcare. Source: McKinsey & Company, Cloud adoption to accelerate IT modernization by Nagendra Bommadevara, Andrea Del Miglio, and Steve Jansen.

Wikibon projects the True Private Cloud (TPC) worldwide market will experience a compound annual growth rate of 29.2%, reaching $262.4B by 2027. The firm predicts TPC growth will far outpace the infrastructure-as-a-service (IaaS) growth of 15.2% over the same period. A true private cloud is distinguished from a private cloud by the completeness of the integration of all aspects of the offering, including performance characteristics such as price, agility, and service breadth. Please see the source link for additional details on TPC. Source: Wikibon’s 2018 True Private Cloud Forecast and Market Shares. Please click on the graphic to expand for easier viewing.

Quality Control, Computer-Aided Engineering, and Manufacturing Execution Systems (MES) are the three most widely adopted systems in the cloud by discrete and process The survey also found that 60% of discrete and process manufacturers say their end users prefer the cloud over on-premise. Source: Amazon Web Services & IDC: Industrial Customers Are Ready For The Cloud – Now (PDF, 13 pp., no opt-in, sponsored by AWS). Please click on the graphic to expand for easier viewing.

The Worldwide Public Cloud Services Market is projected to grow by 17.3 3% in 2019 to total $206.2B, up from $175.8B in 2018 according to Gartner. In 2018 the market will grow a healthy 21% up from $145.3B in 2017 according to the research and advisory firm. Infrastructure-as-a-Service (IaaS) will be the fastest-growing segment of the market, forecasted to grow by 27.6% in 2019 to reach $39.5B, up from $31B in 2018. By 2022, Gartner expects that 90% of enterprises purchasing public cloud IaaS will do so from an integrated IaaS and Platform-as-a-Service (PaaS), and will use both the IaaS and PaaS capabilities from that provider. Source: Gartner Forecasts Worldwide Public Cloud Revenue to Grow 17.3 Percent in 2019.

Total spending on IT infrastructure products (server, enterprise storage, and Ethernet switches) for deployment in cloud environments is projected to attain a 10.9% year-over-year growth rate, reaching $52.3B this year. Long-term, IDC expects spending on off-premises cloud IT infrastructure will grow at a five-year compound annual growth rate (CAGR) of 10.8%, reaching $55.7B. Source: Spending on IT Infrastructure for Deployment in Cloud Environments is Forecast to Grow 10.9% in 2018, According to IDC.

More than $1.3T in IT spending will be directly or indirectly affected by the shift to cloud by 2022. 28% of spending within key enterprise IT markets will shift to the cloud by 2022, up from 19% in 2018. The largest cloud shift before 2018 occurred in application software, particularly driven by customer relationship management (CRM) software, with Salesforce dominating as the market leader. CRM has already reached a tipping point where a higher proportion of spending occurs in the cloud than in traditional software. Source: Gartner Says 28 Percent of Spending in Key IT Segments Will Shift to the Cloud by 2022.

IDC predicts worldwide Public Cloud Services Spending will reach $180B in 2018, an increase of 23.7% over 2017. According to IDC, the market is expected to achieve a five-year compound annual growth rate (CAGR) of 21.9% with public cloud services spending totaling $277B in 2021. The industries that are forecast to spend the most on public cloud services in 2018 are discrete manufacturing ($19.7B), professional services ($18.1B), and banking ($16.7B). The process manufacturing and retail industries are also expected to spend more than $10B each on public cloud services in 2018. These five industries will remain at the top in 2021 due to their continued investment in public cloud solutions. The industries that will see the fastest spending growth over the five-year forecast period are professional services (24.4% CAGR), telecom (23.3% CAGR), and banking (23.0% CAGR). Source: Worldwide Public Cloud Services Spending Forecast to Reach $160 Billion This Year, According to IDC.
Discrete Manufacturing is predicted to lead all industries on public cloud spending of $19.7B in 2018 according to IDC. Additional industries forecast to spend the most on public cloud services this year include Professional Services at $18.1B and Banking at $16.7B. The process manufacturing and retail industries are also expected to spend more than $10B each on public cloud services in 2018. According to IDC, these five industries will remain at the top in 2021 due to their continued investment in public cloud solutions. The industries that will see the fastest spending growth over the five-year forecast period are Professional Services with a 24.4% CAGR, Telecommunications with a 23.3% CAGR, and banking with a 23% CAGR. Source: Worldwide Public Cloud Services Spending Forecast to Reach $160 Billion This Year, According to IDC.

Additional Resources: