10 Cybersecurity Lessons Learned In 2016

Lesson Learned

2016 presented new challenges in security, from a rising tide of Internet of Things attacks to new categories of security technologies to contentious political conversations around cybersecurity in the public sector. With those challenges came many lessons on how solution providers need to position their portfolios and their businesses to both capture opportunities and better protect their clients. As partners look forward to 2017 and beyond, these lessons will prove critical to staying ahead of threats and making the most of the security market.

Security Is Major Opportunity For Solution Providers

At the beginning of the year, some analysts and big-name vendors predicted a security slowdown in 2016, but all indications are pointing to a year that has been bigger than ever when it comes to interest in security and security spending. Solution providers of all sizes said security spending remained one of the top customer priorities for the year. According to a recent report by Cybersecurity Ventures, worldwide spending on security products and services will hit $1 trillion during the five-year period between 2017 and 2021, a market that founder Steve Morgan said presents a significant opportunity for solution providers. Throughout the year, partners were looking to grab hold of this opportunity, adding security offerings, managed security services practices or even launching full new security-focused businesses. This opportunity for partners will likely only continue to grow as security remains top of mind for customers in 2017 and beyond.

Ransomware Is A Real Problem

Many solution providers and vendors accurately predicted that 2016 would see a continued rise in ransomware attacks. The year saw several high-profile ransomware attacks, most notably an attack on a California hospital in February that left it unable to care for its patients. There was also an attack on the San Francisco Municipal Transportation Agency (SFMTA) network that forced the agency to allow passengers to travel for free. In the first quarter alone, $209 million was paid to ransomware attackers, according to FBI data, putting the full year 2016 on pace for $1 billion in known ransomware payments.

Collaboration Is Key

No one can go it alone in security. This year, vendors turned out in force to support that, rolling out technology partner programs and API initiatives to allow customers and partners to better integrate their technologies with the other vendors in their portfolios. Some of the vendors that launched programs this year included LightCyber, Blue Coat Systems and Skyhigh Networks.

For partners, these ready-made integrations help them drive more value across their security line cards and, from there, develop customer services and solutions packages. They said it also helps them smooth the process of adding new vendors to customer environments without vastly adjusting their budgets for a new point solution.

Security Gets Political

Starting in 2015, policy makers began to pay a lot more attention to the security industry, with debates around encryption, data privacy, surveillance, information sharing and more. Those debates only grew more heated in 2016, starting with a fight over encryption between Apple and the FBI, in which the law enforcement organization tried to compel Apple to open an encrypted iPhone involved in the San Bernardino terrorist attack last year. The FBI ultimately went around Apple to hack the iPhone in question. The political conversation on security continued as the Democratic National Committee suffered a security breach, leading to a trove of private emails being shared on WikiLeaks, and now U.S. intelligence agencies are reporting that state-sponsored Russian hackers likely influenced the 2016 presidential election.

The Pendulum Swings To Endpoint

There’s been a shift in the security industry over the past year or so, moving away from so-called perimeter network security solutions to put an increased emphasis on endpoint and data security solutions. With that shift has come a tsunami of next-generation endpoint security startups, such as Cylance, CrowdStrike, Cybereason, CounterTack, and many more that are gaining steam as legacy vendors look to pivot to the new endpoint paradigm. Many network security vendors, including Palo Alto Networks, FireEye, Cisco, Check Point, and more, have also looked to jump into the endpoint market in a big way in 2016. While network security solutions aren’t going away, the shift recognizes that perimeter technologies aren’t infallible, and customers need to start protecting data where it lives on the endpoint and in the data center. Solution providers say that shift has only continued to accelerate into 2017 and beyond.

Security Incidents Have Wide-Reaching Business Implications

In years past, businesses have learned lessons about the implications of a breach beyond the stolen data, including the firing of top executives, reputational hits and more. This year, the impact a breach can have on mergers and acquisitions was highlighted with two mega breaches discovered at Yahoo, with 500 million and 1 billion records stolen in the two incidents, respectively. The events are reportedly causing Verizon to reconsider its buyout of Yahoo, a deal anticipated to be worth $4.8 billion. Verizon is considering a price cut or killing its planned $4.83 billion acquisition of Yahoo completely, reports said at the time.

Need For IoT Security Is Real

The need for security solutions around the Internet of Things took center stage in October, with a distributed denial-of-service (DDoS) attack that hit Internet performance management company Dyn. The attack affected its Managed Domain Name Servers (DNS) customers and caused widespread internet outages across the East Coast, impacting prominent sites such as Amazon.com, Twitter and Spotify. The attack came largely from devices infected by the Mirai botnet – malware that spreads to vulnerable devices by continuously scanning the Internet for IoT systems protected by factory default or hard-coded usernames and passwords. Solution providers at the time said the DDoS attack validated and deepened the industry's concerns over the security risk posed by the Internet of Things.

Security Industry Consolidation Begins

Consolidation started to take place in a big way in the security market in 2016, bearing out predictions that some of the market’s thousands of startups would be acquired. 2016 so far has yielded some blockbuster deals, most notably the $4.65 billion acquisition of Blue Coat Systems by Symantec and its follow-up acquisition of LifeLock for $2.3 billion. Other acquisitions during the year so far included Carbon Black acquiring Confer, Avast Software acquiring AVG, private equity acquiring Dell Software, private equity acquiring Ping Identity, private equity acquiring Intel Security, and Optiv Security making three acquisitions, as well as getting acquired itself. Rumors have already started flying as to who could be next in 2017, in what is likely to be another interesting year for security acquisitions.

CASBs Gaining Steam

2015 was a busy year for the budding cloud access security brokerage (CASB) market, and 2016 wasn’t any different. As the cloud continues to gain ground in the enterprise, CASB providers are starting to gain serious traction with partners and customers that are looking to secure their moves off-premises. According to Gartner, 85 percent of enterprises will be using a CASB solution by 2020. That is up from fewer than 5 percent today, Gartner said. Last year saw multiple acquisitions in the space, with big-name vendors such as Cisco, Blue Coat and Microsoft jumping in to buy CASB players. This year, Symantec also joined the fray when it picked up Blue Coat.

Security Status Quo Changing

One thing that is clear from 2016 is that the security status quo is in for a shakeup – big time – with big-name vendors showing shaky earnings and startups moving into the incumbent territory. That has led to some infighting in the space, with big-name vendors and startups facing off with sharp words about why their technology is better than their competitors'. However, the rise of a new wave of startups has also catalyzed big, drastic changes at some of the biggest vendors in security, including Symantec, Intel Security, FireEye and more. Who will win out in the end? That remains to be seen.